-
Abuse of Microsoft CVE-2020-0601 vulnerability could result in a Man-in-the-Middle (MiTM) attack. https://owlysec.com/vulnerabilities/the-cve-2020-0601-vulnerability-could-break-encrypted-network-traffic …
#cybersecurity#CVE20200601#vulnerability#Windows#ITSec -
Detecting CVE-2020-0601 exploitation attempts on the network using a Zeek script via
@Zeekurity and@0xxon https://blog.zeek.org/2020/01/detecting-cve-2020-0601-with-zeek.html …#CVE20200601#NSM#BlueTeam#AllRoundDefender pic.twitter.com/7DFMqChQli
-
While you all were asleep I was turning CVE-2020-0601 into some trap music. Enjoy the demo track
#x86ASMIDI#BasslineKiller#CVE20200601#Music#Demohttp://clyp.it/hpu0ma4i -
Nice blog post from
@splunk today promoting@Zeekurity, "Detecting CVE-2020-0601 Exploitation Attempts With Wire & Log Data": http://disq.us/t/3liekia via@drewchurch#cybersecurity#cve20200601#networksecuritymonitoring#networktrafficanalysis#SIEM#threathunting -
Windows 7, ladies and gentlemen!
#cve20200601#curveball#chainoffools /via@dn3tpic.twitter.com/9ZDfjVTmw2
-
Ho yes, unlike
#mimikatz, it's not a Windows only source code. Works on Linux too, and others UNIX with recent SSL library. "#curveball#cve20200601, 9/10, will compile and link again" https://twitter.com/gentilkiwi/status/1219305687643230210 …pic.twitter.com/IJGV9MAOBs
-
Because I prefer C,
#curveball#cve20200601 little POC to create your own EC alternative keys > https://github.com/gentilkiwi/curveball/releases/ … With a lots of keys included in the release.pic.twitter.com/kkboaxUARk
-
New video! Watch “CVEs in Windows Event Logs? What You Need to Know” and learn about important changes in the January 2020 Patch Tuesday associated with CVE-2020-0601. https://www.youtube.com/watch?v=ebmW42YYveI … Please RT.
#DFIR#forensics#CVE20200601 -
Our latest
@McAfee_Labs blog details What CVE-2020-0601 Teaches Us About Microsoft’s TLS Certificate Verification Process https://www.mcafee.com/blogs/other-blogs/mcafee-labs/what-cve-2020-0601-teaches-us-about-microsofts-tls-certificate-verification-process/ …#cybersecurity#infosec#cve20200601 -
CVE-2020-0601脆弱性のチェックサイトがSANSから公開されてます https://curveballtest.com/ 不正に署名したテストファイルも同サイトで公開されてますが、マルウェア検出の警告が出る場合もあるのでご注意を https://www.virustotal.com/gui/file/211c76e57088ad946319d8262f2ac7b0fa5aa0af705963b45dc8a4a940fa8b0a/detection …
#cve20200601#curveball#cybersecurity#サイバーセキュリティ pic.twitter.com/3guPiXPxVz
-
.
@cyb3rops' Yara rule to catch CVE-2020-0601 matches about each 3 minutes in VT this morning. What an average! Mainly PoC with weaks detection rate: https://www.virustotal.com/gui/search/%2523cve%2520%2523signed/comments …#cve20200601#curveball -
Because VBA is not all,
#curveball#cve20200601 with Microsoft PowerShell signed script. Very useful with AllSigned or RemoteSigned execution policy
pic.twitter.com/tUS9vnyx97Prikaži ovu nit -
Super helpful presentation for people looking at
#CurveBall possible uses: https://youtu.be/J8WGJtCy0ek from@BarryV#cve20200601Prikaži ovu nit -
We're beginning to see the true impacts of #CurveBall and I appreciate the deep challenges in layering the fixes as well as detection signals in all the places this can be applied.#cve20200601 https://twitter.com/gentilkiwi/status/1218204246346293249 …
-
I have added a Yara rule to detect explicit definition of some ECC orders in a binary: https://github.com/Yara-Rules/rules/pull/369 …. Useful to detect
#CVE20200601#ChainOfFools.pic.twitter.com/skGQAsIiIp
-
1/ Insights from analyzing Chrome's patch for
#curveball#cve20200601 to protect Chrome's users on vulnerable unpatched#Win10 machines https://chromium-review.googlesource.com/c/chromium/src/+/1994434/6/net/cert/cert_verify_proc_win.cc …Prikaži ovu nit -
This is how
@SentinelOne behavioral engines deal with CVE-2020-0601#cve20200601 https://youtu.be/yR2cqMPWLfk -
Write-CveEvent updated! get-help .\Write-CveEvent -Modified default message to more closely match CVE-2020-0601 https://www.powershellgallery.com/packages/Write-CveEvent …
#CVE20200601#ChainOfFools#PowerShellPrikaži ovu nit -
I've been getting asked about the "NSA Windows Bug" a lot so I'm just gonna post here.
#CVE20200601 The vulnerability is *extremely* limited in scope - no RCE. It's related to Code Signing Certificates - how many of us use them as security boundaries? Likely zero.Prikaži ovu nit -
And for the final thing - browsers will silently accept such certificates however IE will complain that the certificate could not be verified up to a trusted CA, but only when you view details!
#crypto32#cve20200601 pic.twitter.com/z3LW930Lga
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
I hope nobody rely on it for legal / workflow validation