EUVD-2019-6721

Malware in sbrugna...

CVE-2019-15802

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in salutilstrencrypt in libsal.so.0.0. The parameters salt, IV, and key data are used to encrypt and decrypt all passwords using AES256...

CLSA-2025-1736783731 kernel: Fix of 10 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans CVE-2024-50264 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - bpf: Fix out-of-bounds write in triegetnextkey CVE-2024-50262 - KVM: nSVM:...

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 (KB5044062)

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 KB5044062 Notice We have re-released the Exchange Server 2019 and 2016 November 12, 2024, security update SU to address the issue where Exchange Server stops processing Exchange Transport Rules ETR a...

Dvenom - Tool That Provides An Encryption Wrapper And Loader For Your Shellcode

Double Venom DVenom is a tool that helps red teamers bypass AVs by providing an encryption wrapper and loader for your shellcode. Capable of bypassing some well-known antivirus AVs. Offers multiple encryption methods including RC4, AES256, XOR, and ROT. Produces source code in C, Rust, PowerShell...

Description of the security update for Microsoft Exchange Server 2019 and 2016: August 8, 2023 (KB5029388)

Description of the security update for Microsoft Exchange Server 2019 and 2016: August 8, 2023 KB5029388 Notice We have re-released the Exchange Server 2019 and 2016 August 8, 2023, security update SU to address the localization issue that caused installations on non-English operating systems OS ...

System user password Encryption method or Hash function type

NetScaler system user passwords are hashed using SHA1 on 11.1 and older releases. 12.0 use SHA512. RPC node passwords are encrypted using AES256 CBC from 11.0 onwards. RC4 is used before that. The keywords encrypted, hashmethod, encryptmethod example ENCMTHD3and kek are added internally based on...

AtomLdr - A DLL Loader With Advanced Evasive Features

A DLL Loader With Advanced Evasive Features Features: CRT library independent. The final DLL file, can run the payload by loading the DLL executing its entry point, or by executing the exported "Atom" function via the command line. DLL unhooking from \KnwonDlls\ directory, with no RWX sections. T...

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

AZL-25602 CVE-2022-45141 affecting package samba 4.12.5-7

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVE-2022-39829

There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...

PT-2022-25019 · Samsung · Samsung Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: The issue is related to a NULL pointer dereference in the aes256 encrypt function due to a missing check on the return value of EVP CIPHER CTX new. Recommendations: For Samsung mTower...

SAMSUNG mTower 代码问题漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower 0.3.0 and earlier versions, which stems from a lack of checking of the return value of EVPCIPHERCTXnew and a NULL pointer dereference in aes256encrypt...

CVE-2021-41278

EdgeX Foundry CVE-2021-41278 affects the app-functions-sdk-go (and related EdgeX components) where the AES transform is broken in encryption, allowing potential decryption of data for users who enable AES in their pipelines. Affected releases rely on a flawed AES implementation; the AES transform...

Ryuk Ransomware: Now with Worming Self-Propagation

A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems ANSSI. The agency...

GaussDB Kernel: Configuring the SSL Encryption Algorithm

sslciphers specifies the SSL encryption algorithms used for secure connections. GaussDB Kernel supports the following algorithms: - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-CCM - DHE-RSA-AES256-CCM You are advised to set sslciphers to ALL. Then, GaussDB Kernel uses...

openGauss: Configuring the SSL Encryption Algorithm

sslciphers specifies the SSL encryption algorithms used for secure connections. openGauss supports the following algorithms: - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-GCM-SHA256 - DHE-DSS-AES256-GCM-SHA384 - DHE-DSS-AES128-GCM-SHA256 - DHE-RSA-AES256-SHA256 - DHE-RSA-AES128-SHA256 -...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling Connect:Direct for OpenVMS (CVE-2016-2183)

Summary OpenSSL is used by IBM Sterling Connect:Direct for OpenVMS. IBM Sterling Connect:Direct for OpenVMS has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the...