This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT). Engineers at Netflix discovered three new vulnerabilities in Linux and FreeBSD kernels specific to its TCP networking implementation. The Vulnerabilities can be used by an adversary to perform a Denial Of Service (DOS) attack […]
About Raymond Aarseth
Working as an Operation Technician in Basefarm, and is part of the the Security Incident Response Team. I have a masters degree in information security from the University of Bergen, with a focus in security in virtual environments and cloud computing.
Entries by Raymond Aarseth
A new method has been found to make cracking WPA/WPA2 easier The makers of Hashcat found a simpler way to gather the Pairwise Master Key Identifier (PMKID) from WPA/WPA2-secured wifi network. Before this method was discovered an attacker would have to wait for a user to authenticate, and then steal the 4-way handshake of the […]
This weeks top stories begins with the ROBOT attack, a bug in the implementation of RSA key exchange for products using PKCS #1 v1.5. This includes SSL\TLS if RSA is used for for exchanging keys. The bug can let an adversary decrypt traffic and even sign messages with someones else private key. The vulnerable products […]
This weeks top stories is that Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability that could lead to remote code execution in Microsoft’s own Malware Protection Engine. CVE-2017-11937 uses a memory corruption bug that lets a specially crafted file run code on on the machine. This is an out of band security update coming […]