NCSC Builds New “Cyber League” Threat Tracking Community
The UK’s National Cyber Security Centre has launched a Cyber League to monitor emerging cyber-threats Read More
Smashing Security podcast #355: Fishy Rishi, 23andMe, and the labour of love
Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And...
Legends of IdleOn – I Reject Your RNG And Substitute My Own
Posted by Soatok Dreamseeker on Jan 17 Hello Full Disclosure mailing list! Legends of IdleOn is a popular free-to-play game on Android, iOS, Steam, and...
Buffer over-read in dtls_sha256_update of TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. A buffer over-read exists in the dtls_sha256_update...
Misues same epoch number within TCP lifetime in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. DTLS servers allow remote attackers to reuse...
Assertion failure in check_certificate_request() of TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. An assertion failure in check_certificate_request() causes the...
Buffer over-read in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. Incorrect handling of over-large packets in dtls_ccm_decrypt_message()...
Infinite loop leading to buffer overflow in TinyDTLS
Posted by Meng Ruijie on Jan 17 [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. An infinite loop bug exists during the...
Mishandle epoch number in TinyDTLS servers
Posted by Meng Ruijie on Jan 17 About CVE-2021-42142: [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. DTLS servers mishandle the early...
Incorrect handshake in TinyDTLS
Posted by Meng Ruijie on Jan 17 About CVE-2021-42141: [Suggested description] An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete...