Pierluigi Paganini January 21, 2020
Yomi Hunter Catches the CurveBall

Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules.  The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines.  The reason for this unusual outreach […]

Pierluigi Paganini January 16, 2020
Two PoC exploits for CVE-2020-0601 NSACrypto flaw released

Researchers published proof-of-concept (PoC) code exploits for a recently-patched CVE-2020-0601 flaw in the Windows operating system reported by NSA. Security researchers have published two proof-of-concept (PoC) code exploits for the recently-patched CVE-2020-0601 vulnerability that has been reported to Microsoft by the US National Security Agency (NSA). Microsoft Patch Tuesday updates for January 2020 address a […]

Pierluigi Paganini January 15, 2020
Microsoft addresses CVE-2020-0601 flaw, the first issue ever reported by NSA

Microsoft has released a security update to address “a broad cryptographic vulnerability” that is impacting its Windows operating system. Microsoft Patch Tuesday updates for January 2020 address a total of 49 vulnerabilities in various products, including a serious flaw, tracked as CVE-2020-0601, in the core cryptographic component of Windows 10, Server 2016 and 2019 editions. […]