VU#307015: Infineon RSA library does not properly generate RSA key pairs
The Infineon RSA library version 1.02.013 does not properly generate RSA key pairs,which may allow an attacker to recover the RSA private key corresponding to an RSA public key generated by this...
View ArticleOpenSSL patches, Apple bug fixes, Hilton’s $700k hack bill, Kim Dotcom raid...
And Microsoft dude installs Chrome during Azure talk Happy weekend, everyone, except those of you on call, of course. Let us catch you up on all the IT security bits and pieces besides what's been...
View ArticleOracle rushes out 5 patches for huge vulnerabilities in PeopleSoft app server
"JoltandBleed" memory leak gives attackers full access to business applications.
View ArticleMultiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products
On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more...
View ArticleOptimus multi-prime is the new rule as OpenSSL transforms crypto policies again
If an algo ain't ratified by standards groups, it won't be welcome OpenSSL's maintainers have put the squeeze on insecure ciphers, with a raft of changes to how the project's operations.…
View ArticleOpenSSL alpha adds TLS 1.3 support
Shambling corpse of ancient, shoddy, buggy, crypto shoved towards the grave Developers working with OpenSSL can finally start to work with TLS 1.3, thanks to the alpha version of OpenSSL 1.1.1 that...
View ArticleMasha and these Bears
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary.They are sometimes portrayed as wild and reckless, but as seen under our visibility, the...
View Article
