Bleichenbacher and Dictionary Attacks on IPsec IKE

Two new attacks on IPsec IKE Internet Key Exchange were recently disclosed 1, involving multiple ways to perform attacks against IKE signature based and PSK Pre-Shared Key authentications. The end goal is to crack IPsec VPN encrypted communications. The relevant CVEs are: CVE-2018-5389: Practical...

Moderate: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

An update for openstack-nova is now available for Red Hat OpenStack Platform 12.0 Pike. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openstack-nova: Swapping encrypted volumes can allow an attacker to corrupt the LUKS header causing a denial of service in the host

OpenStack Nova has a vulnerability in the handling of encrypted volumes. By detaching and reattaching an encrypted volume, an attacker may access the underlying raw volume and corrupt the LUKS header, resulting in a denial of service attack on the compute host. All Nova installations supporting...

CVE-2017-13105

Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication. This opens the application up to a man-in-the-middle attack having all of its encrypted traffic intercepted and read by an attacker...

CVE-2018-8753

The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack...

Fedora 27 : thunderbird-enigmail (2018-eacf5a9ce8)

Update to 2.0.8 : - A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted. - Changelog: https://enigmail.net/index.php/en/download/changelog Note that Tenable Network Security has extracted...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

ThreatList: Almost All Security Pros Believe Election Systems Are at Risk

As the U.S. midterm election season gets underway in earnest, concerns about the ability to hack the vote is more in the spotlight than ever. A fresh survey from Venafi has found that a full 93 percent of security pros are concerned about cyber-attacks targeting election infrastructure. The poll,...

FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability

Problem Description: When using WPA2, EAPOL-Key frames with the Encrypted flag and without the MIC flag set, the data field was decrypted first without verifying the MIC. When the dta field was encrypted using RC4, for example, when negotiating TKIP as a pairwise cipher, the unauthenticated but...

Cisco IOS and IOS XE Software Internet Key Exchange Version 1 RSA-Encrypted Nonces Vulnerability

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

CVE-2018-10622

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

openSUSE Security Update : enigmail (openSUSE-2018-833)

This update for enigmail to 2.0.8 fixes the following issues : The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs. - A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed...

UBoat - HTTP Botnet Project

A POC HTTP Botnet designed to replicate a full weaponised commercial botnet. Disclaimer This project should be used for authorized testing or educational purposes only. The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of...

Security Bulletin: Sweet32 vulnerability that impacts Triple DES cipher affects Communications Server for Data Center Deployment, Communications Server for AIX, Linux, Linux on System z, and Windows (CVE-2016-2183)

Summary Sweet32 exposes a problem in the Triple DES algothorim for sessions that receive more than 2 GBytes of data on an encrypted session. Once beyond that amount of data, the algorithm allows for a intrusion that can be more easily decrypted. Vulnerability Details CVEID: CVE-2016-2183...

Reddit hacked: Hackers steal complete copy of old database backup

By Waqas Reddit says the breach took place after hackers intercepted SMS that were supposed to be delivered to employees. The social media giant Reddit has announced that it has suffered a data breach in which attackers hacked into its system and ended up stealing data of its registered users...

Huawei Backup App Reset Session Vulnerability

Huawei Backup App is a cell phone file backup tool. A reset session vulnerability exists in Huawei Backup App, located in the application folder "HuaweiBackup-BackupFiles", which affects a file named info.xml, where encrypted passwords are stored, and can be bypassed and reset by modifying the...