logo
 
  1. IT-Security >
  2. Cyber Security Nachrichten >
  3. PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks


IT Security Nachrichten vom | Direktlink: bleepingcomputer.com Nachrichten Bewertung

Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after Microsoft released a patch. [...]...

https://www.bleepingcomputer.com/news/security/pocs-for-windows-cryptoapi-bug-are-out-show-real-life-exploit-risks/

Externe Webseite mit kompletten Inhalt öffnen

➤ Ähnliche Beiträge von Team IT Security

  • 1.

    Behind the Masq: Yet more DNS, and DHCP, vulnerabilities

    vom 348.12 Punkte ic_school_black_18dp
    Posted by Fermin J. Serna, Staff Software Engineer, Matt Linton, Senior Security Engineer and Kevin Stadmeyer, Technical Program ManagerOur team has previously posted about DNS vulnerabilities and exploits. Lately, we’ve been busy reviewing the security of another DNS software package: Dnsmasq. We are writing
  • 2.

    AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems

    vom 171.92 Punkte ic_school_black_18dp
    Original release date: January 14, 2020SummaryNew vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and
  • 3.

    UACME - Defeating Windows User Account Control

    vom 157.82 Punkte ic_school_black_18dp
    Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10 (client, some methods however works on server version too). Admin account with UAC set on default settings required. UsageRun executable from command line: akagi32 [Key] [Param] or akagi64 [Key] [Param]. See "Run examples" below for more info.
  • 4.

    The January 2020 Security Update Review

    vom 124 Punkte ic_school_black_18dp
    Welcome to the new year, and welcome to the first Patch Tuesday of 2020. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for January 2020Adobe begins the ye
  • 5.

    Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails & Urls

    vom 120.86 Punkte ic_school_black_18dp
    Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitc
  • 6.

    The June 2019 Security Update Review

    vom 116.83 Punkte ic_school_black_18dp
    June has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for June 2019 This month, A
  • 7.

    Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM

    vom 108.71 Punkte ic_school_black_18dp
    Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM mod
  • 8.

    The July 2019 Security Update Review

    vom 108.32 Punkte ic_school_black_18dp
    July has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for July 2019 Adobe release
  • 9.

    TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

    vom 107.38 Punkte ic_school_black_18dp
    Original release date: April 16, 2018Systems Affected Generic Routing Encapsulation (GRE) Enabled DevicesCisco Smart Install (SMI) Enabled DevicesSimple Network Management Protocol (SNMP) Enabled Network DevicesOverview This joint Technical Alert (TA) is the result of analy
  • 10.

    HPR2805: My 50th Show

    vom 104.82 Punkte ic_school_black_18dp
    Hallo this is again Tony Hughes for HPR. This is an auspicious show for me as it’s my 50th show that I have recorded and released on HPR in my own right. However prior to my 1st show in my own right I did guest on 2 shows. The first of these was: hp
  • 11.

    Jok3R - Network And Web Pentest Framework

    vom 102.91 Punkte ic_school_black_18dp
    Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more
  • 12.

    .NET Framework 4.8 is available on Windows Update, WSUS and MU Catalog

    vom 98.59 Punkte ic_school_black_18dp
    We are happy to announce that Microsoft .NET Framework 4.8 is now available on Windows Update, Windows Server Update Services (WSUS) and Microsoft Update (MU) Catalog. This release includes quality and reliability fixes based on feedback since the .NET Framewor

Kommentare ber PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks