A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the “heavily biased” ECDSA nonces (random values used once), researchers have discovered. “To be more precise, the first 9 bits of each ECDSA nonce are zero. This allows for full secret key recovery […]
Better application networking and security with CAKES
Modern software applications are underpinned by a large and growing web of APIs, microservices, and cloud services that must be highly available, fault tolerant, and secure. The underlying networking technology must support all of these requirements, of course, but also explosive growth. Unfortunately, the previous generation of technologies are too expensive, brittle, and poorly integrated […]