EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2026-1197)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext acros...

Linux Distros Unpatched Vulnerability : CVE-2021-3711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twic...

Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift as it incorporates the malicious components directly within the Flutter code," Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report...

openssl: timing attack in RSA Decryption implementation

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...

How to Verify Password for an Encrypted SSL Certificate Key File

This article explains how to use OpenSSL to decrypt a keyfile that was encrypted by a password. Background On NetScaler, when creating an RSA Key, you can change the PEM Encoding Algorithm to DES3 and enter a permanent Passphrase. This encrypts the keyfile and protects it with a password or pass...