Category

NSA

Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix gateway hole mitigations don’t work for older kit NSA

Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix gateway hole mitigations don’t work for older kit

Good news: There is none. Well, apart from you can at least fully patch the Microsoft blunder Vid Easy-to-use exploits have emerged online for two high-profile security vulnerabilities, namely the Windows certificate spoofing bug and the Citrix VPN gateway hole. If you haven't taken mitigation steps by now, you're about…
bubmag
January 17, 2020
Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft NSA

Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft

Threatpost talks to Venafi about the recently-disclosed Microsoft vulnerability and whether the hype around the flaw was warranted. A major Microsoft crypto-spoofing bug impacting Windows 10 made waves this Patch Tuesday, particularly as the flaw was found and reported by the U.S. National Security Agency (NSA). Microsoft’s January Patch Tuesday security bulletin…
bubmag
January 15, 2020