CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

BlackBerry CEO Defends Lawful Access Principles, Supports Phone Hack

BlackBerry’s CEO made the company’s stance on lawful access requests clear this week and is defending actions to provide Canadian law enforcement with what it needed to decrypt communications between devices. The company’s CEO John Chen penned a statement on Monday, reiterating that one of...

Canadian Police obtained Master Key to Crack BlackBerry Messenger Encryption

BlackBerry has long been known for its stance on mobile security, as it was the first mobile phone maker to provide end-to-end encryption. But a new report revealed that the company has provided a master backdoor to law enforcement in its secure devices since 2010. The Royal Canadian Mounted Poli...

Petya of Salsa: a modified algorithm to bring the defect-vulnerability warning-the black bar safety net

Previously the Hubble analysis of the system describes about the modified MBR for disk encryption extortion Trojan Petya's. Recently Leo Stone gives crack Petya key full blasting code and decrypt tool, and noted that Petya author is using a variant of the Salsa20 algorithm to perform key...

DEBIAN-CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

Jigsaw Ransomware Decryption Tool

Menacing ransomware called Jigsaw threatened to delete thousands of files an hour if victims didn’t pay 0.4 Bitcoins or $150. Worse, restarting your PC, according to the attackers, would also cost victims 1,000 deleted files. The icing on the cake was a menacing image of “Billy the Puppet” from t...

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVE-2016-0787

The diffiehellmansha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."...

How to Decrypt Petya Ransomware for Free

Ransomware has grown rapidly over the past few years and is now one of the most common threats on the Internet. These attacks have become increasingly aggressive, often leaving victims with little choice but to pay a ransom to recover critical and sensitive data. However, victims of Petya...

CVE-2 0 1 6-1 4 9 4 (python – rsa)vulnerability details-vulnerability warning-the black bar safety net

0×0 1 Overview CVE-2 0 1 6-1 4 9 4 vulnerability is about the Python-rsa signature forgery. In certain cases, can be forged a python rsa library to generate the signature information. But the premise needs an RSA public key exponent value e is small, the following are to e=3 discussion. A digital...

Researchers Break Petya Ransomware Encryption

Researchers have been combing through code related to the Petya ransomware long enough they’ve been able to cobble together a decryption tool that should allow most victims to generate keys in less than 10 seconds. A Twitter user who goes by the handle @leostone came up with a genetic algorithm o...

Encryption Bill: Bad for Privacy, Security and Business

A bill that would force companies to decrypt messages and unlock devices if ordered to do so by government court order, surfaced Friday and is rattling security and privacy advocates and IT business leaders. They contend the bill is misguided and will have a detrimental effect on civil liberties...

[SECURITY] Fedora 22 Update: python-rsa-3.4.1-1.fc22

Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS1 version 1.5. It can be used as a Python library as well as on the command-line...

[SECURITY] Fedora 23 Update: python-rsa-3.4.1-1.fc23

Python-RSA is a pure-Python RSA implementation. It supports encryption and decryption, signing and verifying signatures, and key generation according to PKCS1 version 1.5. It can be used as a Python library as well as on the command-line...

Important: openssl098e

Issue Overview: A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. CVE-2015-02...

Ransomware attacks on Hospitals put Patients at Risk

Just last week, the Federal Bureau of Investigation FBI issued an urgent "Flash" message to the businesses and organisations about the threat of Samsam Ransomware, but the ransomware has already wreaked havoc on some critical infrastructure. MedStar, a non-profit group that runs 10 hospitals in t...

Petya Ransomware Master File Table Encryption

First ransomware locked your desktop. Then it encrypted your files. Not long after, webservers, shared drives and backups were targeted. Now? Introducing Petya, ransomware that targets the Master Boot Record. Spotted in email campaigns sent to human resources offices in German companies, the...

The vulnerability of the OpenSSL library, which allows a hacker to decrypt the transmitted data

The vulnerability of the OpenSSL library lies in the fact that the SSLv2 protocol requires the server to send a message called ServerVerify before establishing a connection. As a result, the client possesses a portion of the RSA public key. Exploiting this vulnerability allows a remote attacker t...

SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)

A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker could potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack ...