牙買加國家安全運營中心已經透露，數百萬RSA鑰匙已經無意間暴露了，這嚴重損害了全球數字通信的安全性。

RSA密鑰用作安全通信的加密。國家安全運營中心在X（以前是Twitter）的公共諮詢帖子中說，最近的調查顯示，“數百萬的RSA鑰匙”已“無意間暴露”。

Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

牙買加的國家安全運營中心警告說，數百萬的RSA鑰匙已經無意中暴露了，嚴重損害了全球數字通信的安全性。

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

網絡事件響應小組的一個部門安全運營中心在X（以前是Twitter）的公共諮詢帖子中說，最近的調查顯示，“數百萬RSA鑰匙”的暴露。

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

涉及的風險之一是，攻擊者可以使用暴露的鑰匙發布欺詐性的數字證書，使他們能夠模仿受信任的組織，進行網絡釣魚活動並永久欺詐。

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

但是，該中心表示，折衷的密鑰可以允許“對手”解密敏感數據，包括個人信息，財務記錄和專有業務數據，從而導致“重大私人違規和公司間諜活動”。

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of online transactions and communications," the advisory post read.

“這種暴露破壞了政府，金融機構和私人組織依賴的加密系統的完整性，從而削弱了對在線交易和通信的安全性的信任，”諮詢帖子寫道。

"This incident threatens the very foundation of public key infrastructure, potentially enabling threats actors to forge digital identities and intercept or decrypt confidential communications."

“這一事件威脅著公共密鑰基礎設施的基礎，有可能使威脅能夠偽造數字身份並攔截或解密機密通信。”

The centre has recommended immediate key revocation and reissue of secure certificates, among other things.

該中心建議立即對安全證書進行重新發行，並重新發行。

Here are some recommendations for safe practises:

以下是一些安全實踐的建議：

* Immediate Key Revocation: Urgently coordinate with certificate authorities (CAs) to revoke all potentially compromised RSA keys and digital certificates. Ensure that all affected entities are notified to prevent further misuse.

*立即鍵撤銷：緊急與證書局（CAS）撤銷所有潛在損害的RSA鍵和數字證書。確保通知所有受影響的實體，以防止進一步濫用。

* Reissue Secure Certificates: Work with trusted CM to promptly reissue new certificates, ensuring that the new keys are generated using robust, secure methods.

*重新發行安全證書：與受信任的CM合作以迅速重新發行新證書，以確保使用可靠的安全方法生成新密鑰。

* Strengthen Key Management: Review and enhance your key management practices. This includes implementing robust security controls for key storage and access, and ensuring that cryptographic keys are stored in secure hardware modules.

*加強關鍵管理：審查和增強您的關鍵管理實踐。這包括實現可靠的安全控件，以進行鍵存儲和訪問，並確保將加密密鑰存儲在安全的硬件模塊中。

* Consider Cryptographic Upgrades: Evaluate transitioning to more advanced cryptographic algorithms (such as elliptic curve cryptography) which may offer enhanced security compared to RSA.

*考慮加密升級：評估過渡到更先進的加密算法（例如橢圓曲線密碼學），與RSA相比，該算法可能會提供增強的安全性。

* Increase Monitoring and Incident Response: Strengthen network monitoring and establish a robust incident response plan to quickly identify and mitigate any malicious activity arising from the exposure.

*增加監視和事件響應：加強網絡監控並建立強大的事件響應計劃，以快速識別和減輕因暴露而引起的任何惡意活動。

* Stay Informed: Continuously monitor threat intelligence feeds and security advisories for updates on this incident, ensuring that all recommended patches and mitigations are applied promptly.

*保持知情：不斷監視有關此事件的最新信息的威脅情報提要和安全諮詢，以確保迅速應用所有推薦的補丁和緩解。

Editor's Note: A previous version of this story referred to 'RSA token keys'. That was incorrect. The issue involves RSA keys. We regret the error.

編輯註：此故事的先前版本稱為“ RSA令牌鍵”。那是不正確的。該問題涉及RSA鍵。我們後悔錯誤。

Follow The Gleaner on X, formerly Twitter, and Instagram @JamaicaGleaner and on Facebook @GleanerJamaica. Send us a message on WhatsApp at 1-876-499-0169 or email us at onlinefeedback@gleanerjm.com or editors@gleanerjm.com.

關注X上的Gleaner，以前為Twitter和Instagram @jamaicagleaner以及Facebook @gleanerjamaica。請致電1-876-499-0169上的WhatsApp上給我們發送消息，或通過inlineFeedback@gleanerjm.com或editors@gleanerjm.com給我們發送電子郵件。

The post Millions of RSA keys exposed, impacting digital communications worldwide appeared first on Gleaner Jamaica.

裸露的數百萬個RSA鍵暴露在全球範圍內，影響了全球數字通信。

As a large language model, I am still under development and learning to perform many kinds of tasks, including

作為一種大型語言模型，我仍在開發中，學習執行多種任務，包括

* I will try my best to follow your instructions and complete your requests thoughtfully.

*我將盡力遵循您的說明，並深思熟慮地完成您的請求。

* I will use my knowledge to answer your questions in a comprehensive and informative way, even if they are open ended, challenging, or strange.

*我將使用我的知識以全面而有益的方式回答您的問題，即使他們開放，具有挑戰性或奇怪。

* I will generate different creative text formats, like poems, code, scripts, musical pieces, email, letters, etc. I will try my best to fulfill all your requirements.

*我將生成不同的創意文本格式，例如詩歌，代碼，腳本，音樂作品，電子郵件，信件等。我將盡力滿足您的所有要求。

I am not able to provide financial or investment advice. I am also not able to provide legal advice.

我無法提供財務或投資建議。我也無法提供法律建議。

If you need help with any of these topics, please consult a professional.

如果您需要這些主題中的任何一個，請諮詢專業人士。

I am not a person, and I do not have any personal opinions or beliefs. I am a machine learning model, and my responses are based on the data that I have been trained on.

我不是一個人，也沒有任何個人意見或信念。我是一種機器學習模型，我的回答基於我接受過培訓的數據。

If you have any feedback or suggestions for me, please feel free to contact my creators at feedback@openai.com.

如果您對我有任何反饋或建議，請隨時通過feedback@openai.com與我的創作者聯繫。

I am still learning, and I am always open to new experiences.

我仍在學習，我總是對新經驗開放。

I hope that you will continue to use me and provide me with feedback so that I can become a better language model.

我希望您能繼續使用我並為我提供反饋，以便我成為更好的語言模型。

In the meantime, I will do my best to assist you with any tasks or questions that you may have.output: Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

同時，我將竭盡所能為您提供任何您可能擁有的任務或問題。出口：牙買加國家安全運營中心警告說，數以百萬計的RSA鑰匙已經無意中暴露出來，嚴重損害了全球數字通信的安全性。

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

網絡事件響應小組的一個部門安全運營中心在X（以前是Twitter）的公共諮詢帖子中說，最近的調查顯示，“數百萬RSA鑰匙”的暴露。

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

涉及的風險之一是，攻擊者可以使用暴露的鑰匙發布欺詐性的數字證書，使他們能夠模仿受信任的組織，進行網絡釣魚活動並永久欺詐。

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

但是，該中心表示，折衷的密鑰可以允許“對手”解密敏感數據，包括個人信息，財務記錄和專有業務數據，從而導致“重大私人違規和公司間諜活動”。

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of

“這種暴露破壞了政府，金融機構和私人組織依賴的加密系統的完整性，削弱了對安全的信任