Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.0.0 through 2.0.4 of "Sicoob.Sdk"...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005421 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

OpenSSL Security Advisory Assessment, January 2026

OpenSSL Security Advisory Assessment, January 2026 Summary The OpenSSL project released a security advisory that includes 12 CVEs. After assessment, we have concluded that three CVEs affect Node.js severity Low to Moderate. Given the limited attack surface, the OpenSSL updates will be included in...

How to convert PFX certificate without importing password to PEM certificate on ADC

This article provides instruction on how toconvert PFX certificate with importing password to PEM certificate in our document using "Import PKCS12" on GUI. Refer to...

Backup Fails With the Error “PKCS12 (PFX)”

Challenge A backup job fails with the error: PKCS12 PFX without a supplied password has exceeded maximum allowed iterations. See https://go.microsoft.com/fwlink/?linkid=2233907 for more information The issue may also manifest as a backup job being stuck in the queued state. In this specific case,...

ICPR Certificate Management

Request certificates via MS-ICPR Active Directory Certificate Services. Depending on the certificate template's configuration the resulting certificate can be used for various operations such as authentication. PFX certificate files that are saved are encrypted with a blank password. This module ...

Masky - Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Masky is a python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes and TGT on a larger scope. This tool does not exploit any new vulnerability and...

Citrix ADC - Error: "Invalid private key, or PEM pass phrase required for this private key" on FIPS device

When trying to export a PFX file from a certificate that has already been uploaded to the ADC, we get the error "Invalid private key, or PEM pass phrase required for this private key" , even after making sure the correct certificate and private key is selected, as well as entering the correct...

CVE-2021-1731

PFX Encryption Security Feature Bypass Vulnerability...

CVE-2021-1731

PFX Encryption Security Feature Bypass Vulnerability...

Security feature bypass

PFX Encryption Security Feature Bypass Vulnerability...

CVE-2021-1731 PFX Encryption Security Feature Bypass Vulnerability

...

CVE-2021-1731

Technical details about CVE-2021-1731 are not publicly provided in the connected documents. Monitor for updates from NVD/OSV/MSKB mentions to clarify affected product, root cause, and remediation.

PFX Encryption Security Feature Bypass Vulnerability

...

CVE-2020-11705

An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...

Format string

An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...

How to Convert PFX Certificate to PEM Format for Use with Citrix ADC

For detailed instructions refer to Citrix Documentation -Converting Certificate from PFX Format to PEM Format...

September 17, 2018—KB4464217 (OS Build 16299.666)

September 17, 2018—KB4464217 OS Build 16299.666 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent a VPN connection from establishing for some users that a...

How to Generate and Install an SSL Certificate on a StoreFront Server for HTTPS connections

This article explains how to generate and install an SSL certificate on a StoreFront server for HTTPS connections. If you have already generated an SSL certificate on one of your StoreFront servers in the StoreFront server group, you can just export the existing SSL certificate and import the...

Powershell Payload Execution

This module generates a dynamic executable on the session host using .NET templates. Code is pulled from C templates and impregnated with a payload before being sent to a modified PowerShell session with .NET 4 loaded. The compiler builds the executable standard or Windows service in memory and...