CVE-2024-31033

CVE-2024-31033 concerns the JJWT (Java JWT) library up to version 0.12.5, where an issue in signing/verification could lead a user to falsely believe a key is strong due to ignored characters in signing operations (setSigningKey in DefaultJwtParser and signWith in DefaultJwtBuilder). IBM and Red ...

Apple’s passkeys attempt to solve the password problem

The recent Apple Worldwide Developers Conference WWDC revealed another teasing of what has been referred to as "the end of passwords forever". Passkeys are a "new biometric sign-in standard". Biometrics in security circles are used for things like identity cards, building access, and so on. This...

Microsoft Windows: System Cryptography: Force strong key protection

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winscstrongkeyprotect.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for System cryptography: Force strong key protection for user keys stored on the computer Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone...