ciphertext – WindowsTechs.com

Detecting Zerologon (CVE-2020-1472) with Zeek

Posted on September 16, 2020 by Yacin Nadji

By Yacin Nadji, Corelight Security Researcher CVE-2020-1472 aka Zerologon, disclosed by Tom Tervoort of Secura, is an illustrative case study of how a small implementation mistake in cryptographic routines cascades into a privilege escalation vulnerabi… Continue reading Detecting Zerologon (CVE-2020-1472) with Zeek→

ROBOT Attack Revives a 19-Year Old Vulnerability

Posted on January 5, 2018 by Hakan Arici

Daniel Bleichenbacher was the security researcher who first discovered, in 1998, that PKCS #1 v1.5 padding error messages sent by a Transport Layer Security (TLS) stack running on a server could enable an adaptive-chosen ciphertext attack. When used in… Continue reading ROBOT Attack Revives a 19-Year Old Vulnerability→

Meet PocketBlock, the crypto engineering game for kids of all ages

Posted on September 7, 2016 by Dan Goodin

When you’re a cryptographer, telling your preteen kids what you do isn’t easy. Continue reading Meet PocketBlock, the crypto engineering game for kids of all ages→