kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

Dagon - Advanced Hash Manipulation

Named after the prince of Hell, Dagon day-gone is an advanced hash cracking and manipulation system, capable of bruteforcing multiple hash types, creating bruteforce dictionaries, automatic hashing algorithm verification, random salt generation from Unicode to ASCII, and much more. Screenshots...

Spotlight on Malware DGA Communication Technique

Written by Avi Aminov and Or Katz Overview Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You've been waiting for the perfect time to contact him and get some advice on how to move forward with some important life...

Microsoft Unveils Special Version of Windows 10 For Chinese Government

China is very strict about censorship, which is why the country has become very paranoid when it comes to adopting foreign technologies. The country banned Microsoft's Windows operating system on government computers in 2014 amid concerns about security and US surveillance. Even in the wake of...

CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

[SECURITY] Fedora 24 Update: bouncycastle-1.52-9.fc24

The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. The package is organized so that it contains a light-weight API suitable for use in any environment including the newly released J2ME with the additional infrastructure to conform the algorithms to the JCE...

Dan Geer: Cybersecurity, Humanity's Future "Conjoined"

Given the intertwinement of technology with communication, politics, economies and overall human progress, it seems to go hand-in-hand that cybersecurity must be elevated in parallel. Dan Geer, considered atop the food chain of security thinkers, said during last week’s Source Boston conference...

In the picture, the added noise will be able to fool Google's best image recognition AI-vulnerability warning-the black bar safety net

! Recently, a group from the University of Washington, network security lab NSL's computer experts found that a malicious attacker can trick Google's CloudVision API, this will cause the API to the user-submitted images were incorrectly classified. In recent years, based on the AI of the image...

Shopify: ShopifyAPI is vulnerable to timing attacks.

Dear Shopify bug bounty team, The Python ShopifyAPI library is vulnerable to timing attacks, because the validatehmac falls back to a non-constant time comparison when hmac.comparedigest is not available. I am perfectly aware that this issue is out of scope, but your Shopify Guru Jack P. kindly...

Security Advisory - OpenSSL Montgomery multiplication may produce incorrect results Vulnerability

The Broadwell-specific Montgomery multiplication procedure has a denial of service DoS vulnerability when handling input longer than 256 bits.Only EC algorithms that use Brainpool P-512 curves are affected. An attacker could exploit this vulnerability to cause DoS during ECDH key...

Denial Of Service (DoS) Through Infinite Loop

ImageMagick is vulnerable to denial of service DoS attacks. The library contains a floating-point error in its color algorithms that can lead to an infinite loop causing the system to hang...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

[SECURITY] [DLA 893-1] bouncycastle security update

Package : bouncycastle Version : 1.44+dfsg-3.1+deb7u2 CVE ID : CVE-2015-6644 An information disclosure vulnerability was discovered in Bouncy Castle, a Java library which consists of various cryptographic algorithms. The Galois/Counter mode GCM implementation was missing a boundary check that cou...

Code injection

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

CVE-2017-7619

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv...

SSH Configuration & Policy Scanner: ssh_scan

SSH Configuration & Policy Scanner SSH, or secure shell, is a secure protocol and the most common way of safely administering remote servers. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between two parties,...