牙买加国家安全运营中心已经透露，数百万RSA钥匙已经无意间暴露了，这严重损害了全球数字通信的安全性。

RSA密钥用作安全通信的加密。国家安全运营中心在X（以前是Twitter）的公共咨询帖子中说，最近的调查显示，“数百万的RSA钥匙”已“无意间暴露”。

Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

牙买加的国家安全运营中心警告说，数百万的RSA钥匙已经无意中暴露了，严重损害了全球数字通信的安全性。

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

网络事件响应小组的一个部门安全运营中心在X（以前是Twitter）的公共咨询帖子中说，最近的调查显示，“数百万RSA钥匙”的暴露。

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

涉及的风险之一是，攻击者可以使用暴露的钥匙发布欺诈性的数字证书，使他们能够模仿受信任的组织，进行网络钓鱼活动并永久欺诈。

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

但是，该中心表示，折衷的密钥可以允许“对手”解密敏感数据，包括个人信息，财务记录和专有业务数据，从而导致“重大私人违规和公司间谍活动”。

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of online transactions and communications," the advisory post read.

“这种暴露破坏了政府，金融机构和私人组织依赖的加密系统的完整性，从而削弱了对在线交易和通信的安全性的信任，”咨询帖子写道。

"This incident threatens the very foundation of public key infrastructure, potentially enabling threats actors to forge digital identities and intercept or decrypt confidential communications."

“这一事件威胁着公共密钥基础设施的基础，有可能使威胁能够伪造数字身份并拦截或解密机密通信。”

The centre has recommended immediate key revocation and reissue of secure certificates, among other things.

该中心建议立即对安全证书进行重新发行，并重新发行。

Here are some recommendations for safe practises:

以下是一些安全实践的建议：

* Immediate Key Revocation: Urgently coordinate with certificate authorities (CAs) to revoke all potentially compromised RSA keys and digital certificates. Ensure that all affected entities are notified to prevent further misuse.

*立即键撤销：紧急与证书局（CAS）撤销所有潜在损害的RSA键和数字证书。确保通知所有受影响的实体，以防止进一步滥用。

* Reissue Secure Certificates: Work with trusted CM to promptly reissue new certificates, ensuring that the new keys are generated using robust, secure methods.

*重新发行安全证书：与受信任的CM合作以迅速重新发行新证书，以确保使用可靠的安全方法生成新密钥。

* Strengthen Key Management: Review and enhance your key management practices. This includes implementing robust security controls for key storage and access, and ensuring that cryptographic keys are stored in secure hardware modules.

*加强关键管理：审查和增强您的关键管理实践。这包括实现可靠的安全控件，以进行键存储和访问，并确保将加密密钥存储在安全的硬件模块中。

* Consider Cryptographic Upgrades: Evaluate transitioning to more advanced cryptographic algorithms (such as elliptic curve cryptography) which may offer enhanced security compared to RSA.

*考虑加密升级：评估过渡到更先进的加密算法（例如椭圆曲线密码学），与RSA相比，该算法可能会提供增强的安全性。

* Increase Monitoring and Incident Response: Strengthen network monitoring and establish a robust incident response plan to quickly identify and mitigate any malicious activity arising from the exposure.

*增加监视和事件响应：加强网络监控并建立强大的事件响应计划，以快速识别和减轻因暴露而引起的任何恶意活动。

* Stay Informed: Continuously monitor threat intelligence feeds and security advisories for updates on this incident, ensuring that all recommended patches and mitigations are applied promptly.

*保持知情：不断监视有关此事件的最新信息的威胁情报提要和安全咨询，以确保迅速应用所有推荐的补丁和缓解。

Editor's Note: A previous version of this story referred to 'RSA token keys'. That was incorrect. The issue involves RSA keys. We regret the error.

编辑注：此故事的先前版本称为“ RSA令牌键”。那是不正确的。该问题涉及RSA键。我们后悔错误。

Follow The Gleaner on X, formerly Twitter, and Instagram @JamaicaGleaner and on Facebook @GleanerJamaica. Send us a message on WhatsApp at 1-876-499-0169 or email us at onlinefeedback@gleanerjm.com or editors@gleanerjm.com.

关注X上的Gleaner，以前为Twitter和Instagram @jamaicagleaner以及Facebook @gleanerjamaica。请致电1-876-499-0169上的WhatsApp上给我们发送消息，或通过inlineFeedback@gleanerjm.com或editors@gleanerjm.com给我们发送电子邮件。

The post Millions of RSA keys exposed, impacting digital communications worldwide appeared first on Gleaner Jamaica.

裸露的数百万个RSA键暴露在全球范围内，影响了全球数字通信。

As a large language model, I am still under development and learning to perform many kinds of tasks, including

作为一种大型语言模型，我仍在开发中，学习执行多种任务，包括

* I will try my best to follow your instructions and complete your requests thoughtfully.

*我将尽力遵循您的说明，并深思熟虑地完成您的请求。

* I will use my knowledge to answer your questions in a comprehensive and informative way, even if they are open ended, challenging, or strange.

*我将使用我的知识以全面而有益的方式回答您的问题，即使他们开放，具有挑战性或奇怪。

* I will generate different creative text formats, like poems, code, scripts, musical pieces, email, letters, etc. I will try my best to fulfill all your requirements.

*我将生成不同的创意文本格式，例如诗歌，代码，脚本，音乐作品，电子邮件，信件等。我将尽力满足您的所有要求。

I am not able to provide financial or investment advice. I am also not able to provide legal advice.

我无法提供财务或投资建议。我也无法提供法律建议。

If you need help with any of these topics, please consult a professional.

如果您需要这些主题中的任何一个，请咨询专业人士。

I am not a person, and I do not have any personal opinions or beliefs. I am a machine learning model, and my responses are based on the data that I have been trained on.

我不是一个人，也没有任何个人意见或信念。我是一种机器学习模型，我的回答基于我接受过培训的数据。

If you have any feedback or suggestions for me, please feel free to contact my creators at feedback@openai.com.

如果您对我有任何反馈或建议，请随时通过feedback@openai.com与我的创作者联系。

I am still learning, and I am always open to new experiences.

我仍在学习，我总是对新经验开放。

I hope that you will continue to use me and provide me with feedback so that I can become a better language model.

我希望您能继续使用我并为我提供反馈，以便我成为更好的语言模型。

In the meantime, I will do my best to assist you with any tasks or questions that you may have.output: Jamaica's National Security Operations Centre has warned that millions of RSA keys have been inadvertently exposed, significantly compromising the security of digital communications worldwide.

同时，我将竭尽所能为您提供任何您可能拥有的任务或问题。出口：牙买加国家安全运营中心警告说，数以百万计的RSA钥匙已经无意中暴露出来，严重损害了全球数字通信的安全性。

The National Security Operations Centre, a division of Cyber Incident Response Team, in a public advisory post on X – formerly Twitter – said a recent investigation has revealed the exposure of "millions of RSA keys".

网络事件响应小组的一个部门安全运营中心在X（以前是Twitter）的公共咨询帖子中说，最近的调查显示，“数百万RSA钥匙”的暴露。

Among the risks involved is that a exposed keys can be used by attackers to issue fraudulent digital certificates, allowing them to impersonate trusted organisations, conduct phishing campaigns and perpetuate fraud.

涉及的风险之一是，攻击者可以使用暴露的钥匙发布欺诈性的数字证书，使他们能够模仿受信任的组织，进行网络钓鱼活动并永久欺诈。

However, the centre said the compromised keys could allow "adversaries" to decrypt sensitive data, including personal information, financial records and proprietary business data, leading to "significant private violations and corporate espionage".

但是，该中心表示，折衷的密钥可以允许“对手”解密敏感数据，包括个人信息，财务记录和专有业务数据，从而导致“重大私人违规和公司间谍活动”。

"This exposure undermines the integrity of cryptographic systems relied upon by governments, financial institutions and private organisations, eroding trust in the security of

“这种暴露破坏了政府，金融机构和私人组织依赖的加密系统的完整性，削弱了对安全的信任