If you think KRACK attack for WiFi is the worst vulnerability of this year, then hold on…
...we have got another one for you which is even worse.
Microsoft, Google, Lenovo, HP and Fujitsu are warning their customers of a potentially serious vulnerability in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies.
It's noteworthy that this crypto-related vulnerability (CVE-2017-15361) doesn't affect elliptic-curve cryptography and the encryption standard itself, rather it resides in the implementation of RSA key pair generation by Infineon's Trusted Platform Module (TPM).
Infineon's Trusted Platform Module (TPM) is a widely-used, dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices and is used for secured crypto processes.
This 5-year-old algorithmic vulnerability was discovered by security researchers at Masaryk University in the Czech Republic, who have released a blog post with more details about the weakness as well as an online tool to test if RSA keys are vulnerable to this dangerous flaw.
Dubbed ROCA (Return of Coppersmith's Attack), the factorization attack introduced by the researchers could potentially allow a remote attacker to reverse-calculate a private encryption key just by having a target's public key—thanks to this bug.
"Only the knowledge of a public key is necessary and no physical access to the vulnerable device is required," the researchers said. "The vulnerability does NOT depend on a weak or a faulty random number generator—all RSA keys generated by a vulnerable chip are impacted."
This could eventually allow the attacker to impersonate key owner, decrypt victim's sensitive data, inject malicious code into digitally signed software, and bypass protections that prevent accessing or tampering with the targeted computer.
Where lives The most Richest Americans? Maybe you have checked the hottest "Forbes 400: The Full List of The most Richest Persons in America&q
we have always been intrigued by Thanksgiving – the traditions, the meal, the idea of a holiday that is simply about being thankful. For
Tesla has managed to deliver something on time, even if it ’s falling behind its projections for the Model 3 electric car: It has completed prod
Sit back, relax and watch the 30-foot wolf and 1,000-pound gorilla wreck Chicago as the 1986 arcade game comes to life. (adsbygoog
In the week leading up to Thanksgiving, I talk to many patients about how to approach the big day in a way that balances their two competing prioritie
Senators Mark Warner (Va.) and Amy Klobuchar (Minn.) created a Facebook page for a fictional political group — Americans for Disclosure Solution