Security Bulletin: IBM® Db2® is affected by multiple vulnerabilities in the GSKit library

Summary Db2 is affected by multiple vulnerabilities in the GSKit library. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel Sandy-Bridge microarchitectur...

Debian DLA-1418-1 : bouncycastle security update

Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338 DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have...

To crypt, or to mine – that is the question

Way back in 2013 our malware analysts spotted the first malicious samples related to the Trojan-Ransom.Win32.Rakhni family. That was the starting point for this long-lived Trojan family, which is still functioning to this day. During that time the malware writers have changed: the way their Troja...

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1179)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms...

Design/Logic Flaw

Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. ...

CVE-2017-16726

Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in protected environments. ADS has not been designed to achieve security purposes and therefore does not include any encryption algorithms because of their negative effect on performance and throughput. ...

Microsoft Windows: Hardware-based encryption for OS drives (allowed algorithms)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winosrestrictcrypto.nasl 11532 2018-09-21 19:07:30Z cfischer $ Check value for Configure use of hardware-based encryption for operating system drives: Restrict crypto algorithms or cipher suites to the following Authors:...

Microsoft Windows: Use of hardware-based encryption (restrict algorithms)

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows: Use of hardware-based encryption for OS drives

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows: Hardware-based encryption for OS drives (restrict algorithms)

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows: Use of hardware-based encryption (removable data drives)

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows: Hardware-based encryption: Restrict crypto algorithms

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Microsoft Windows: Hardware-based encryption: Restrict encryption algorithms

This policy setting allows you to manage BitLocker Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: Vulnerabilities in GSKit and GSKit-Crypto affect IBM InfoSphere Information Server

Summary Vulnerabilities in GSKit and GSKit-Crypto were addressed by IBM InfoSphere Information Server. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this...

LeakScraper - An Efficient Set Of Tools To Process And Visualize Huge Text Files Containing Credentials

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. These tools are designed to help pentesters/redteamers doing OSINT, credentials gathering and credentials stuffing attacks. Installation First things first : have a workingmongodb server. The...

Modern OSs for embedded systems

At Kaspersky Lab we analyze the technologies available on cybersecurity market and this time we decided to look at what OS developers are offering for embedded systems or, in other words, the internet of things. Our primary interest is how and to what degree these OSs can solve...

[SECURITY] Fedora 28 Update: bouncycastle-1.59-1.fc28

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8...

[SECURITY] Fedora 27 Update: bouncycastle-1.59-1.fc27

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8...

Security Bulletin: Arcfour vulnerability issue in IBM Storwize V7000 Unified

Summary IBM Storwize V7000 Unified was shipped with Arcfour which uses weak client-to-server encryption algorithms, for which fix is available. Vulnerability Details CVEID: CVE-2017-1375 DESCRIPTION: IBM System Storage Storwize V7000 Unified V7000U uses weaker than expected cryptographic algorith...

Security Bulletin: Multiple vulnerabilities affect the GSKit component of IBM Tivoli Monitoring

Summary The following security issues have been identified in the GSKit component included as part of the IBM Tivoil Monitoring product. Vulnerability Details CVEID: CVE-2018-1388 DESCRIPTION: GSKit V7 may disclose side channel information via discrepencies between valid and invalid PKCS1 padding...