Bleeping Computer

How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...
Bleeping Computer

Microsoft Fixes Windows CryptoAPI Spoofing Flaw Reported by NSA

Microsoft patched a spoofing vulnerability present in the Windows usermode cryptographic library, CRYPT32.DLL, on Windows 10, Windows Server 2016, and Windows Server 2019 systems. In a media call with ...