This weeks top stories begins with the ROBOT attack, a bug in the implementation of RSA key exchange for products using PKCS #1 v1.5. This includes SSL\TLS if RSA is used for for exchanging keys. The bug can let an adversary decrypt traffic and even sign messages with someones else private key. The vulnerable products […]
About Raymond Aarseth
Working as an Operation Technician in Basefarm, and is part of the the Security Incident Response Team. I have a masters degree in information security from the University of Bergen, with a focus in security in virtual environments and cloud computing.
Entries by Raymond Aarseth
This weeks top stories is that Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability that could lead to remote code execution in Microsoft’s own Malware Protection Engine. CVE-2017-11937 uses a memory corruption bug that lets a specially crafted file run code on on the machine. This is an out of band security update coming […]