1. IT-Security >
  2. Cyber Security Nachrichten >
  3. PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks


IT Security Nachrichten vom | Direktlink: bleepingcomputer.com Nachrichten Bewertung

Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after Microsoft released a patch. [...]...

Externe Webseite mit kompletten Inhalt öffnen



https://www.bleepingcomputer.com/news/security/pocs-for-windows-cryptoapi-bug-are-out-show-real-life-exploit-risks/

Team Security Social Media

➤ Weitere Beiträge von Team Security | IT Sicherheit

  • Behind the Masq: Yet more DNS, and DHCP, vulnerabilities

    vom 337.69 Punkte ic_school_black_18dp
    Posted by Fermin J. Serna, Staff Software Engineer, Matt Linton, Senior Security Engineer and Kevin Stadmeyer, Technical Program ManagerOur team has previously posted about DNS vulnerabilities and exploits. Lately, we’ve been busy reviewing the security of another DNS software package: Dnsmasq. We are writing
  • AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems

    vom 154.96 Punkte ic_school_black_18dp
    Original release date: January 14, 2020SummaryNew vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and
  • UACME - Defeating Windows User Account Control

    vom 136.61 Punkte ic_school_black_18dp
    Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. System Requirements x86-32/x64 Windows 7/8/8.1/10 (client, some methods however works on server version too). Admin account with UAC set on default settings required. UsageRun executable from command line: akagi32 [Key] [Param] or akagi64 [Key] [Param]. See "Run examples" below for more info.
  • Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails & Urls

    vom 114.96 Punkte ic_school_black_18dp
    Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitc
  • The January 2020 Security Update Review

    vom 111.09 Punkte ic_school_black_18dp
    Welcome to the new year, and welcome to the first Patch Tuesday of 2020. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for January 2020Adobe begins the ye
  • The June 2019 Security Update Review

    vom 103.36 Punkte ic_school_black_18dp
    June has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for June 2019 This month, A
  • Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM

    vom 98.7 Punkte ic_school_black_18dp
    Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM mod
  • TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

    vom 97.84 Punkte ic_school_black_18dp
    Original release date: April 16, 2018Systems Affected Generic Routing Encapsulation (GRE) Enabled DevicesCisco Smart Install (SMI) Enabled DevicesSimple Network Management Protocol (SNMP) Enabled Network DevicesOverview This joint Technical Alert (TA) is the result of analy
  • Jok3R - Network And Web Pentest Framework

    vom 97.77 Punkte ic_school_black_18dp
    Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests.Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more
  • The July 2019 Security Update Review

    vom 96.89 Punkte ic_school_black_18dp
    July has arrived and so have the scheduled security patches from Microsoft and Adobe. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for July 2019 Adobe release
  • The February 2020 Security Update Review

    vom 96.29 Punkte ic_school_black_18dp
    February is here, and with it comes some significant security patches from Adobe and Microsoft. Take a break from your regularly scheduled activities and join us as we review the details for security patches for this month. Adobe Patches for February 2020The Adobe
  • HPR2805: My 50th Show

    vom 95.17 Punkte ic_school_black_18dp
    Hallo this is again Tony Hughes for HPR. This is an auspicious show for me as it’s my 50th show that I have recorded and released on HPR in my own right. However prior to my 1st show in my own right I did guest on 2 shows. The first of these was: hp

Team Security Diskussion über PoCs for Windows CryptoAPI Bug Are Out, Show Real-Life Exploit Risks