The German e-Government communications system components there are multiple serious vulnerabilities can lead to government exchange of data breach-vulnerability warning-the black bar safety net

! The G20 Summit on the eve of the German vigorously strengthen the network security and the establishment of the all-Weather command center, and most recently, the SEC-Consult security researchers found that the German e-Government communications library Online Services computer interface the OS...

Decryption Key to Original Petya Ransomware Released

The master key to the original version of the Petya ransomware – not to be confused with the latest and massive Petya/ExPetr outbreak that swept through the Ukraine and parts of Europe last month – has been released, allowing all the victims of previous Petya attacks to unscramble their encrypted...

Private Decryption Key For Original Petya Ransomware Released

Rejoice Petya-infected victims! The master key for the original version of the Petya ransomware has been released by its creator, allowing Petya-infected victims to recover their encrypted files without paying any ransom money. But wait, Petya is not NotPetya. Do not confuse Petya ransomware with...

The key to old Petya versions has been published by the malware author

As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor read more here. As a result of the recent events, Janus probably decided to shut down the Petya project. Similarly to th...

Communication message decryption vulnerability exists in the Voyager Android app

The Voyager Android app is a mobile app for buying airline tickets. A communication message decryption vulnerability exists in the TravelSense Android app. The vulnerability stems from fixed-key hardcoding, which can be exploited by an attacker to crack the encryption algorithm and break other...

OSCI Transport Library OSCI-Transport Decryption Transport Encryption Algorithm Vulnerability

OSCI Transport Library Java is a Java library of mandatory transport protocols for German e-government, and OSCI Transport Library .NET is its .NET version.OSCI-Transport is one of the XML-based transport protocols. A security vulnerability exists in OSCI Transport Library version 1.6.1 Java and ...

Design/Logic Flaw

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the...

Original Author of Petya Ransomware is Back & He Wants to Help NotPetya Victims

The author of original Petya ransomware is back. After 6 months of silence, the author of the now infamous Petya ransomware appeared today on Twitter to help victims unlock their files encrypted by a new version of Petya, also known as NotPetya. "We're back having a look in NotPetya," tweeted...

ExPetr/Petya/NotPetya is a Wiper, Not Ransomware

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims' disk, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial...

Jaff Ransomware Decryption Tool Released – Don't Pay, Unlock Files for Free

Hit by Jaff Ransomware? Don't pay the Ransom. You can unlock your files for Free! Kaspersky Labs has released an updated version 1.21.2.1 of its free ransomware decryption tool, RakhniDecryptor, which can now also decrypt files locked by the Jaff ransomware. Security researchers at Kaspersky Labs...

Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

A weakness discovered in Jaff ransomware by researchers has led to the creation of decryption keys to unlock files locked by the malware. “We have found a vulnerability in Jaff’s code for all the variants to date. Thanks to this, it is now possible to recover users’ files encrypted with the .jaff...

Free Mac Ransomware-as-a-Service MacRansom Surfaces

Researchers on Friday began warning of MacRansom, a new and free macOS-based ransomware as a service RaaS that’s been making the rounds over the past several weeks. It leverages a portal hosted on the Tor network, but attackers looking for the malware won’t find it there. Interested parties need ...

Foscam camera Configuration Backup File Hardcoded Protection Vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera has a configuration backup file protected by hardcoding vulnerability, the encrypted Foscam device configuration file contains the administrator password, t...

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

Design/Logic Flaw

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

CVE-2017-1179

CVE-2017-1179 affects IBM BigFix Compliance Analytics 1.9.79, where information disclosure occurs due to the use of weaker-than-expected cryptographic algorithms, potentially allowing an attacker to decrypt highly sensitive data. The available connected documents identify the vulnerability class ...

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431...

Code injection

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462...

CVE-2017-5243

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the...

Design/Logic Flaw

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL algorithms supported by the relevant version of OpenSSH and makes the...