Ransomware gang targets Windows admins via PuTTY, WinSCP malvertising

May 18, 2024 at 02:27PM A ransomware operation targeted Windows system administrators by using Google ads to promote fake download sites for WinSCP and PuTTY. The counterfeit sites hosted trojanized installers and exploited DLL sideloading to install the Sliver post-exploitation toolkit, allowing remote access and potential deployment of ransomware. This campaign utilized typosquatting and displayed …

PuTTY SSH client flaw allows recovery of cryptographic private keys

April 16, 2024 at 11:07AM PuTTY versions 0.68 through 0.80 contain a vulnerability (CVE-2024-31497) that could allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation. It affects systems using ECDSA keys and could be exploited to gain unauthorized access to SSH servers or sign commits as …

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

April 16, 2024 at 07:27AM PuTTY SSH and Telnet client versions 0.68 through 0.80 are vulnerable to a flaw allowing recovery of private keys. The issue, designated CVE-2024-31497, was discovered by Fabian Bäumer and Marcus Brinkmann. It affects PuTTY and several other related products and is mitigated in recent versions. Users are advised to update and …