Blog | G5 Cyber Security

NSA and Github rickrolled using Windows CryptoAPI bug

On Monday this week, the big cybersecurity news was speculative. On Tuesday, Microsoft announced a big bad bug in the Windows CryptoAPI vulnerability. The NSA gave the bug to Microsoft to patch the hole proactively, and here we are! The vulnerability, denoted CVE-2020-0601, is a way by which crooks can mint themselves cryptographic certificates with other peoples names on them. The first proof-of-concept fake ID generators are out weve already seen a Python program of 53 lines and a Ruby script of just 21 and they really are sitting there for anyone to use for free.”]

Source: https://nakedsecurity.sophos.com/2020/01/16/nsa-and-github-rickrolled-using-windows-cryptoapi-bug/

Exit mobile version