
@lambdafu


https://t.co/tI4jg6u8vL // @[email protected]

Joined August 2011
@lambdafu
-
2 years
@TrueSkrillor joins the infosec community with a bang: A new attack class against the SSH protocol!
1
0
3
@lambdafu
-
21 days
Announcing SPIQE 2026: 2nd Workshop on Secure Protocol Implementations in the Quantum Era, bringing together researchers and implementers to securely deploy PQC! 📍 Co-located with Euro S&P in Lisbon, Portugal, July 6-10, 2026 https://t.co/yQmVqbvYFH #SPIQE2026 #EuroSP #PQC
0
0
0
@lambdafu
-
6 months
FOLLOW US ON BLUESKY! We found a new vulnerability in TLS. It's a variant of the ALPACA attack that bypasses current countermeasures. Relatively low impact - but great insight! Check it out: https://t.co/2ZLCeXTynM // via
0
1
1
@oss_security
Open Source Security mailing list
8 months
CVE-2025-32433: Unauthenticated Remote Code Execution in Erlang/OTP SSH https://t.co/78AAH6g0SP Allows an attacker with network access to an Erlang/OTP SSH server to execute arbitrary code without prior authentication. Estimated CVSSv3 of 10.0.
1
8
29
@martinralbrecht
Martin R. Albrecht
1 year
Reminder, you must register your Real World Crypto 2025 submission by Friday AoE to have it considered, but you can finalise it until Monday (not AoE!), see https://t.co/zgDJ5GClM8 We hear there's a competing S&P deadline and we're nice like that. @RealWorldCrypto @grittygrease
1
8
15
@SmartCryptology
Nigel Smart
1 year
The deadline for getting talk proposals in for @RealWorldCrypto 2025 is about two weeks away... https://t.co/ICiCgftbpu Talk proposals are short, so there is no excuse in not putting in a bid to talk about your fave applied crypto thing from the last year.
rwc.iacr.org
Real World Crypto Symposium
0
16
37
@CASA_EXC
CASA - Cluster of Excellence for Cyber Security
1 year
We want to introduce you to our next #WomeninITS role model Anna Piscitelli! Anna is a PhD student here at CASA and her research focuses on the analysis and detection of vulnerabilities within smart contracts. Learn more about #WomeninITS: https://t.co/gu70pBjnXg
0
2
6
@ruhrsec
RuhrSec – IT Security Conference
1 year
The call for presentations of #RuhrSec 2025 is now open! ✅ Bring your expertise to the stage—submit your proposal today! 🎯 👉 https://t.co/q1CW7VC5GU #cfp #conference #ITSecurityConference #NRW #Bochum #itsecurity #itsicherheit #cybersicherheit
1
6
12
@CASA_EXC
CASA - Cluster of Excellence for Cyber Security
1 year
Fabian Bäumer @TrueSkrillor, Marcus Brinkmann @lambdafu + Jörg Schwenk @JoergSchwenk received a Distinguished Paper Award + Distinguished Artifact Award for “Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation” at #usesec24 🔎 https://t.co/fKnAWtGrgv (2/3)
1
1
2
@CASA_EXC
CASA - Cluster of Excellence for Cyber Security
1 year
At 4:30 pm (GMT-4) today, CASA PI @yuvalyarom presents his paper “SledgeHammer: Amplifying Rowhammer via Bank-level Parallelism” at #USENIX 24. 👉 Check out the full paper here: https://t.co/X6WTAg3935 #cybersecurity #usesec24
0
2
3
@MDunsche
Martin Dunsche
1 year
[1/4] If you've ever tried finding timing side channels by actually measuring, you probably know that this can be incredibly frustrating. But it does not have to! While major side-channels are easy to detect, more subtle ones, especially when the measurements are noisy, are not!
1
6
11
@lcasdev
Luca Casonato 🏳️‍🌈
1 year
So, Google Chrome gives all *.google.com sites full access to system / tab CPU usage, GPU usage, and memory usage. It also gives access to detailed processor information, and provides a logging backchannel. This API is not exposed to other sites - only to *.google.com.
244
2K
16K
@miro_haller
Miro Haller
1 year
When registering for IACR Crypto'24, please consider signing up for the Workshop on Attacks in Cryptography 7 (WAC7) on Sunday. Our program is online: https://t.co/4fUrAyAbfx (modulo some attacks that are too new to be out of their embargo yet).
1
16
37
@InsideStairwell
Stairwell
2 years
Researchers found #vulnerabilities in #PuTTY SSH libraries (v0.68-0.80). Stairwell's research goes further, revealing more potentially at-risk software not in the #NIST advisory. See our report for a full list and a YARA rule to help these vulns:
stairwell.com
0
5
10
@ronin3510
ronin3510
2 years
@lambdafu WinSCP 6.3.3 has been released https://t.co/1GLtHxqa8W
0
1
2
@oss_security
Open Source Security mailing list
2 years
CVE-2024-31497: PuTTY: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces https://t.co/uVOkwMX3Aw Affected Products - PuTTY 0.68 - 0.80 - FileZilla 3.24.1 - 3.66.5 - WinSCP 5.9.5 - 6.3.2 - TortoiseGit 2.4.0.2 - 2.15.0 - TortoiseSVN 1.10.0 - 1.14.6
1
49
118
@lambdafu
-
2 years
PuTTY 0.81 has been fixed to use a more secure nonce generation (RFC6979 by Thomas Pornin). Filezilla Client 3.67.0 also includes a fixed version of PuTTY. Git Tortoise and WinSCP also ship with a bundled PuTTY, but no update is available yet. 🤞
2
5
10
@lambdafu
-
2 years
Using recent versions of the attack by Albrecht/Heninger, we can calculate the private key from 58 PuTTY P-521 signatures with a 50% probability (59 sigs: 94% success, 60 sigs: 100% success). https://t.co/pamXyXhAlB Shout out to @nowakow_ski for helping us understand the math!
eprint.iacr.org
Lattice-based algorithms in cryptanalysis often search for a target vector satisfying integer linear constraints as a shortest or closest vector in some lattice. In this work, we observe that these...
1
2
16
@lambdafu
-
2 years
The attack on ECDSA with biased nonces is a standard technique. An attacker collects at least 521/9≈58 signatures from signed Git commits or victim logins into the attacker's SSH server. A bit of math allows the attacker to calculate the private key offline.
1
5
10
@lambdafu
-
2 years
For DSA (160 bit) and ECDSA P-256/P-384, the modulo is so small that a 512 bit number wraps around often, and the output looks pseudo-random. Not so for P-521! Here the modulo is a no-op, and the high 9 bits of the nonce are always zero! This is enough to allow an attack!
2
5
18
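
Added example (not part of the original posts and not PuTTY's code): the effect described in the last posts above, measured over constructed inputs. A SHA-512 digest of a counter stands in for the 512-bit number; `legacy_nonce`, `min_leading_zero_bits`, `reduction_is_noop` and `audit` are hypothetical names, and how PuTTY derived its 512-bit value is not modelled.

```python
import hashlib

# Group orders n of the NIST curves (public constants from the curve definitions).
ORDERS = {
    "P-256": int("FFFFFFFF00000000FFFFFFFFFFFFFFFF"
                 "BCE6FAADA7179E84F3B9CAC2FC632551", 16),
    "P-384": int("FFFFFFFF" * 6 +
                 "C7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", 16),
    "P-521": int("01FF" + "FFFFFFFF" * 7 +
                 "FFFFFFFA51868783BF2F966B7FCC0148"
                 "F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16),
}


def legacy_nonce(seed: bytes, n: int) -> int:
    """Constructed stand-in: a 512-bit digest reduced modulo the group order."""
    return int.from_bytes(hashlib.sha512(seed).digest(), "big") % n


def reduction_is_noop(n: int) -> bool:
    """True when every 512-bit value is already below n, so '% n' changes nothing."""
    return n > 2 ** 512


def min_leading_zero_bits(nonces, n: int) -> int:
    """Number of top bits (relative to the width of n) that are zero in every nonce."""
    width = n.bit_length()
    return min(width - k.bit_length() for k in nonces)


def audit(samples: int = 2000) -> dict:
    """For each curve: (is the reduction a no-op?, bits that are always zero)."""
    report = {}
    for name, n in ORDERS.items():
        # Constructed sample input: digests of a 4-byte counter.
        nonces = [legacy_nonce(i.to_bytes(4, "big"), n) for i in range(samples)]
        report[name] = (reduction_is_noop(n), min_leading_zero_bits(nonces, n))
    return report


if __name__ == "__main__":
    for curve, (noop, zero_bits) in audit().items():
        print(f"{curve}: reduction no-op={noop}, always-zero high bits={zero_bits}")
```

The same `min_leading_zero_bits` check can be pointed at the output of any nonce generator under test; a non-zero result over a large sample is the signal that the generator does not cover the full range of the group order.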