Proof-of-concept code for exploiting Windows crypto-spoofing bug published

clock • 2 min read

Windows CryptoAPI flaw could enable attackers to launch man-in-the-middle attacks and to spoof signatures for emails and files

Security researchers have released two proof-of-concepts (PoC) for exploiting the Microsoft-NSA crypto-spoofing vulnerability (CVE-2020-0601) that was only patched and publicised on Tuesday. The...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Cyber agency took systems offline after hack, report

Hacking

CISA cautioned last month about threat actors exploiting multiple Ivanti vulnerabilities

clock 11 March 2024 • 3 min read
Two command injection bugs threaten Fortinet's FortiSIEM

Threats and Risks

Affect versions from October 2022 to 2024

clock 07 February 2024 • 2 min read
Microsoft's calm start to 2024: January Patch Tuesday addresses 49 bugs

Threats and Risks

None of them is currently under active exploitation or publicly disclosed

clock 10 January 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

You need to lock down cyber-physical systems: Here's how and why

You need to lock down cyber-physical systems: Here's how and why

Cybersecurity should focus on OT as well as IT

Samara Lynn
clock 27 March 2024 • 3 min read
China Crisis: Government blames China for Electoral Commission cyberattack

China Crisis: Government blames China for Electoral Commission cyberattack

Also accuses Chinese state-affiliated actors of trying to hack MPs emails

Penny Horwood
clock 26 March 2024 • 5 min read
A cyber-focused attorney on why 'Data is the hot potato'

A cyber-focused attorney on why 'Data is the hot potato'

Shawn Tuma, partner and co-chair of the data privacy and cybersecurity practice group at Spencer Fane LLP, shares some tips on cybersecurity for companies to follow.

Samara Lynn
clock 26 March 2024 • 3 min read