SHA-3 Winner Chosen, But It May Be Years Before Keccak Has an Effect

Now that NIST has selected Keccak as the winner of the five-year-long SHA-3 competition, the next question to be answered is whether the new hash algorithm will be implemented in any meaningful way in the near future. The answer, for right now at least, appears to be probably not. The SHA-3...

Flame Attackers Used Collision Attack to Forge Microsoft Certificate

The attackers behind the Flame malware used a collision attack against a cryptographic algorithm as part of the method for gaining a forged certificate to sign specific components of the attack tool. Microsoft officials said on Tuesday that it’s imperative for customers to install the update issu...

OpenDrive <= 1.3.141 Local Password Disclosure

Exploit for windows platform in category local exploits / Title: OpenDrive include include int ReadRegistryKey LPBYTE lpBuffer, LPDWORD lpBufferSize, HKEY hKey, LPCTSTR lpszSubKey, LPCTSTR lpszValueName HKEY hKeyLocal; int nType; if RegOpenKeyExhKey, lpszSubKey, 0, KEYREAD, &hKeyLocal ==...

OpenDrive 1.3.141 - Local Password Disclosure

OpenDrive 1.3.141 - Local Password Disclosure / Title: OpenDrive include include int ReadRegistryKey LPBYTE lpBuffer, LPDWORD lpBufferSize, HKEY hKey, LPCTSTR lpszSubKey, LPCTSTR lpszValueName HKEY hKeyLocal; int nType; if RegOpenKeyExhKey, lpszSubKey, 0, KEYREAD, &hKeyLocal == ERRORSUCCESS if...

OpenDrive 1.3.141 - Local Password Disclosure

/ Title: OpenDrive include include int ReadRegistryKey LPBYTE lpBuffer, LPDWORD lpBufferSize, HKEY hKey, LPCTSTR lpszSubKey, LPCTSTR lpszValueName HKEY hKeyLocal; int nType; if RegOpenKeyExhKey, lpszSubKey, 0, KEYREAD, &hKeyLocal == ERRORSUCCESS if RegQueryValueEx hKeyLocal, lpszValueName, 0,...

Debian Security Advisory DSA 2054-2 (bind9)

The remote host is missing an update to bind9 announced via advisory DSA 2054-2. OpenVAS Vulnerability Test $Id: deb20542.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2054-2 bind9 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Hash brute force attack-vulnerability warning-the black bar safety net

Name: the end Tutorial: Hash brute force attack Nature: the translation of the article Time: 2 0 1 0 3 2 7 on Saturday ------------------------------------The above information↑------------------------------------ --------------------------------------The content of the...

For the Bluetooth PIN code of the latest attack techniques details of the analysis-vulnerability warning-the black bar safety net

Note: This Chapter is just to explain the determination for the Bluetooth PIN code of the latest attack techniques, in order to draw attention to prevention, and no other purpose. No person shall use in this article the description of the technology to do illegal things. Recently, many domestic a...

OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities

OpenSSL contains vulnerabilities that could allow an unauthenticated, remote attacker to bypass security restrictions. The first vulnerability CVE-2005-2969 affects any application using a SL/TLS server implementation provided by OpenSSL versions 0.9.7g and prior. If these implementations have...

Use of a Broken or Risky Cryptographic Algorithm

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...