A patch for the MIT s Kerberos 5 implementation is to fix integer underflows in the functions for decrypting AES and RC4 ciphertexts. The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior. Researchers predict software security will continue to struggle to keep up with cloud and IoT in the new year. Read the full article in this article by The H Security Newsroom at Threatpost.com.
Source: https://threatpost.com/mits-kerberos-5-patched-011810/73386/