Proof-of-concept code for exploiting Windows crypto-spoofing bug published

clock • 2 min read

Windows CryptoAPI flaw could enable attackers to launch man-in-the-middle attacks and to spoof signatures for emails and files

Security researchers have released two proof-of-concepts (PoC) for exploiting the Microsoft-NSA crypto-spoofing vulnerability (CVE-2020-0601) that was only patched and publicised on Tuesday. The...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Ivanti patches bugs in Connect Secure and Policy Secure gateways

Threats and Risks

Ivanti patches bugs in Connect Secure and Policy Secure gateways

Comes on the heels of federal-level security concerns

clock 05 April 2024 • 3 min read
Cyber agency took systems offline after hack, report

Hacking

Cyber agency took systems offline after hack, report

CISA cautioned last month about threat actors exploiting multiple Ivanti vulnerabilities

clock 11 March 2024 • 3 min read
Two command injection bugs threaten Fortinet's FortiSIEM

Threats and Risks

Two command injection bugs threaten Fortinet's FortiSIEM

Affect versions from October 2022 to 2024

clock 07 February 2024 • 2 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security

IT Essentials: A cyber staycation
Security

IT Essentials: A cyber staycation

The UK made headlines in security news

Tom Allen
Tom Allen
clock 07 May 2024 • 3 min read
Microsoft: last year we tracked 200 major threat actors, now it's 300
Security

Microsoft: last year we tracked 200 major threat actors, now it's 300

Microsoft chief security adviser Sarah Armstrong Jones calls for more collaboration on AI and security

John Leonard
John Leonard
clock 07 May 2024 • 2 min read
Microsoft vows to overhaul security, tie executive pay to performance after string of breaches
Security

Microsoft vows to overhaul security, tie executive pay to performance after string of breaches

'We are making security our top priority at Microsoft'

Dev Kundaliya
clock 07 May 2024 • 3 min read