Free HermeticRansom Ransomware Decryptor Released

A free decryptor is out to unlock a ransomware found piggybacking on the HermeticWiper data wiper malware that ESET and Broadcom’s Symantec discovered targeting machines at financial, defense, aviation and IT services outfits in Ukraine, Lithuania and Latvia last week. The fact that there was...

HCL BigFix Compliance 加密问题漏洞

HCL BigFix Compliance is HCL India's continuous monitoring and application of endpoint security settings to ensure compliance with regulatory or organizational security policies. A cryptographic issue vulnerability exists in HCL BigFix Compliance versions prior to version 2.0.5 that stems from th...

Metasploit Weekly Wrap-Up

Exchange RCE Exchange remote code execution vulnerabilities are always valuable exploits to have. This week Metasploit added an exploit for an authenticated RCE in Microsoft Exchange servers 2016 and server 2019 identified as CVE-2021-42321. The flaw leveraged by the exploit exists in a...

CVE-2020-14481

The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow a local, authenticated attacker to decipher user credentials, including the Windows user or Windows DeskLock passwords. If the compromised user has an administrative account, an attacker could gain...

Hive ransomware: Researchers figure out a method to decrypt files

Files encrypted by ransomware cant be recovered without obtaining the decryption key, if the encryption has been done properly. But that doesnt seem to be the case for Hive ransomware. Researchers from the Kookmin University in Korea have published a method for decrypting the data scrambled by...

GHSA-G9MP-8G3H-3C5C flynn/noise has improper nonce handling yielding potential state DoS

The Go package github.com/flynn/noise, a Noise Protocol implementation, has two bugs in nonce handling in versions prior to v1.0.0. Issue 1: Potential nonce overflow If 264 18.4 quintillion or more messages are encrypted with Encrypt after handshaking, the nonce counter will wrap around, causing...

Information Disclosure

github.com/aws/aws-sdk-go is vulnerable to information disclosure. An attacker who has write access to the target S3 bucket can reveal the information of the decryption failures through the endpoint. when the CBC option is chosen as a content cipher...

Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2022-1084)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : nettle (EulerOS-SA-2022-1084)

According to the versions of the nettle packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDS...

Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2022-1133)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2022-1088)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an...

EulerOS Virtualization 3.0.6.6 : nettle (EulerOS-SA-2022-1133)

According to the versions of the nettle packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this fl...

GHSA-7F33-F4F5-XWGW In-band key negotiation issue in AWS S3 Crypto SDK for golang

Summary The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

In-band key negotiation issue in AWS S3 Crypto SDK for golang

Summary The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

Exploit for Classic Buffer Overflow in Openssl

Vulnerabilityrecurrence-漏洞复现 介绍 复现部分与汽车网络安全相关的漏洞. 软件架构 - OpenSSL CVE-2021-3711 SM2 Decryption Buffer Overflow 使用说明 1. 请参考各分部分 readme 文件. 2. 所有内容搜集于网路,请勿用于非法途径,仅供学习参考. 参与贡献 1. Fork 本仓库 2. 新建 Featxxx 分支 3. 提交代码 4. 新建 Pull Request...

Use of a Broken or Risky Cryptographic Algorithm

A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this i...

Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares

The shackles have been broken for victims of Maze/Egregor/Sekhmet ransomware: On Wednesday, decryption keys were released for all three ransomware strains in a forum post. The liberator, using the handle “Topleak,” described themselves as the developer of the three ransomwares. It’s been lovely,...

[SECURITY] [DSA 5070-1] cryptsetup security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5070-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 10, 2022 https://www.debian.org/security/faq -...

Ransomware author releases decryption keys, says goodbye forever

Update 12th February: An earlier version of this post incorrectly stated that the decryption tool used to unlock files existed prior to the keys being released - this has now been corrected. If you’re unfortunate enough to be caught out by ransomware, the consequences can be devastating. You may ...

AlmaLinux 8 : python-cryptography (ALSA-2021:1608)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1608 advisory. - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...