CK's Technology News · @CKsTechNews
1833 followers · 3303 posts · Server cktn.todon.de
Exploiting a Critical #Spoofing #Vulnerability in #Windows #CryptoAPI
#spoofing #vulnerability #windows #cryptoapi
DarkOperator 🚀 · @DarkOperator
1242 followers · 1898 posts · Server infosec.exchangeResearchers Release #PoC #Exploit for Windows #CryptoAPI Bug Discovered by #NSA
https://thehackernews.com/2023/01/researchers-release-poc-exploit-for.html
tricia, queen of house cyberly :verified_paw: :donor: · @triciakickssaas
2061 followers · 610 posts · Server infosec.exchangeAlrighty nerds, strap in - got another #Microsoft vulnerability write up, hot off the press!
Â
You may remember the vulnerability disclosed by the #NCSC and #NSA to Microsoft about #CryptoAPI (CVE-2022-34689) which can lead to masquerading as legitimate entities (such as google or Microsoft.)
Â
We analyzed and exploited it. Pretty neat.
in the PoC, you can see the source code for how it could be exploited in the wild using an old version of Chrome.
Â
Link to write-up: https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
Link to github repo: https://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689
#microsoft #ncsc #nsa #cryptoapi
Clerton · @clerton
27 followers · 43 posts · Server fosstodon.orgIs there something in the wild that encrypts/decrypts data to push/pull on #indexeddb using browser’s #cryptoapi ?
#indexeddb #cryptoapi #frontend #frontenddevelopment #javascript
· @AdaPlanet
53 followers · 2261 posts · Server botsin.space
Blockfrost.io get transaction data with addresses (from/to) https://stackoverflow.com/questions/74337894/blockfrost-io-get-transaction-data-with-addresses-from-to #ada #programming #cryptocurrency #cryptoapi #cardano #ada
#ada #programming #cryptocurrency #cryptoapi #cardano
Martin Boller :donor: :tux: :freebsd: :windows: :mastodon: · @itisiboller
478 followers · 350 posts · Server infosec.exchange
Martin Boller :donor: :tux: :freebsd: :windows: :mastodon: · @itisiboller
478 followers · 350 posts · Server infosec.exchange
Martin Boller :donor: :tux: :freebsd: :windows: :mastodon: · @itisiboller
478 followers · 350 posts · Server infosec.exchange
Martin Boller :donor: :tux: :freebsd: :windows: :mastodon: · @itisiboller
478 followers · 350 posts · Server infosec.exchangeDetecting #CVE-2020-0600 #exploit attempts #crypt33 #CryptoAPI https://blog.infosecworrier.dk/2020/01/detecting-cve-2020-0600-windows.html inspired by Didier Stevens VBA script #Detection #Defense #blueteam
#cve #exploit #crypt33 #cryptoapi #detection #defense #blueteam
ace36 · @aaronco36
11 followers · 214 posts · Server fosstodon.org#windows #cryptoapi
:windows: 👺
"Windows 10 has a dangerous flaw discovered by NSA, Microsoft rushed to patch it" https://bit.ly/30rzNza
Wonder what particular "businesses" (or governments) the #nsa is *really* worried about here?
ITSEC News · @itsecbot
687 followers · 32461 posts · Server schleuss.online
NSA and Github ‘rickrolled’ using Windows CryptoAPI bug - We said, "Assume that someone will find out how to do it pretty soon," and that's exactly what hap... more: https://nakedsecurity.sophos.com/2020/01/16/nsa-and-github-rickrolled-using-windows-cryptoapi-bug/ #vulnerability #cve-2020-0601 #cryptography #microsoft #cryptoapi #rickroll #exploit #windows #nsa
#nsa #windows #exploit #rickroll #cryptoapi #microsoft #cryptography #cve #vulnerability
Martin Boller :donor: :tux: :freebsd: :windows: :mastodon: · @itisiboller
478 followers · 350 posts · Server infosec.exchange#Microsoft’s #patch for #CVE-2020-0601 introduces a call to #CveEventWrite in #CryptoAPI when a faked certificate is detected.
Didier Stevens wrote a script that will write a Windows event entry in the Application event log.
#Test #Alert #blueteam
https://blog.didierstevens.com/2020/01/15/using-cveeventwrite-from-vba-cve-2020-0601/
#microsoft #patch #cve #CveEventWrite #cryptoapi #test #alert #blueteam