Credit to Author: Jayesh kulkarni| Date: Wed, 05 Feb 2020 06:17:49 +0000
It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could…
Read more
Credit to Author: Chester Wisniewski| Date: Thu, 23 Jan 2020 13:43:21 +0000
Is there some good news hidden in the story of the CVE-2020-0601 crypto vulnerability?<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/uLFrNZCgCNo” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Paul Ducklin| Date: Thu, 16 Jan 2020 17:42:09 +0000
We said, “Assume that someone will find out how to do it pretty soon,” and that’s exactly what happened.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XhJpjHyVCqc” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: BrianKrebs| Date: Wed, 15 Jan 2020 02:31:50 +0000
Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Windows 7, a still broadly-used operating system that will no longer be supplied with security updates.
Read more