12 matches found
EUVD-2014-2357
Malware in sbrugna...
EUVD-2019-6680
Malware in sbrugna...
VMware Carbon Black TAU: Ryuk Ransomware Technical Analysis
Ryuk Ransomware has been crippling both the public and private sector recently with the ability to disrupt its target environment. The ransomware will typically be dropped by an already compromised system that has been infected by Trickbot or Emotet through a phishing email. Once the Ryuk payload...
Hardcoded credentials
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart...
CVE-2015-4080
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote attackers to 1 obtain sensitive information by sniffing the network and 2 obtain access to the device by encrypting messages...
Hardcoded credentials
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote attackers to 1 obtain sensitive information by sniffing the network and 2 obtain access to the device by encrypting messages...
CVE-2015-4080
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote attackers to 1 obtain sensitive information by sniffing the network and 2 obtain access to the device by encrypting messages...
PowerArchiver 14.02.03 Incorrect PKZIP Encryption Usage
The remote host has PowerArchiver version 14.02.03 installed. It is, therefore, affected by a flaw with the encryption usage. A flaw exists in the application where the insecure PKZIP encryption method is used when a user attempts to encrypt files with AES 256-bit encryption. Note that Nessus has...
ConeXware PowerArchiver弱加密漏洞
Bugtraq ID:66174 CVE ID:CVE-2014-2319 ConeXware PowerArchiver是一款压缩工具。 如果在GUI中用户选择AES加密,ConeXware PowerArchiver会以不安全加密方法来创建文件。如选择"AES 256-bit"进行加密软件会使用PKZIP加密来代替。 0 ConeXware PowerArchiver 14.02.03 ConeXware PowerArchiver 14.02.05已经修复该漏洞,建议用户下载更新: http://www.powerarchiver.com...
CVE-2014-2319
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...
CVE-2014-2319
PowerArchiver (ConeXware) 14.02.03 vulnerable: Encrypt Files feature uses legacy PKZIP encryption even when AES 256-bit is selected, enabling a known-plaintext exposure. Root cause is insecure encryption usage in the AES path. Affected version(s) include 14.02.03; vendor released 14.02.05 to fix ...
CVE-2014-2319
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to obtain sensitive information via a known-plaintext attack...