Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11DUHK attacks allow hackers to obtain encryption keys for VPN and web browsing sessions
DUHK - Dont Use Hard-coded Keys - is a new dangerous encryption executable vulnerability that allows an attacker to recover the encryption key used to secure VPN connections and web sessions.
DUHK is the third vulnerability related to encryption discovered this month, after attacking WiFi KRACK and attacking ROCA.
This vulnerability exists on many devices of many vendors, including Fortinet, Cisco, TechGuard, where the device uses ANSI X9.31 RNG - an algorithm to generate pseudo random numbers - along with the key hard-coded (just embedding it directly into source or fixed data instead of taking from external sources).
Before being removed from the list of FIPS-approved random number sequence algorithms approved in January 2016, ANSI X9.31 RNG is used in many coding standards for more than 30 years.
The pseudo random number generator (PRNG) does not generate random numbers. In essence, it is an algorithm that creates a series of bits based on secret values originally called 'seeds' and creates the current state. This bit sequence is always the same due to the same initial values.
Some vendors store this 'secret seed' into their product source code.
Discovered by cryptanalysts Shaanan Cohney, Nadia Heninger and Matthew Green, DUHK, known as 'status restoration attack', allows intermediaries who already know the value of seeds restore the current value after viewing the output data.
With those two values, the attacker uses to recalculate the encryption key, restoring the encrypted data.
'To describe the reality, we created passive decoding attack on FortiGate VPN product with FortiOS version 4', the researchers said. 'We scanned at least 23,000 devices with public IPv4 addresses running FortiOS versions containing vulnerabilities'. Below is an incomplete list of influential devices with the same version.
Vendor products containing vulnerabilities are vulnerable to DUHK attacks
Researchers have also published in-depth research material on the DUHK attack website at this address.https://duhkattack.com/
Isabella HumphreyYou should read it
- Cisco security equipment is targeted at DoS attacks through an old vulnerability
- Warning: DDoS attacks are becoming more dangerous both in scale and complexity
- DNS attacks are costing governments worldwide huge amounts
- IBM developed a new technology to patch security holes
- Detection of security vulnerabilities affects all Bluetooth versions
- AMD patched a series of security holes in the graphics driver for Windows 10
- Microsoft warns of an increasing trend of attacks targeting firmware and worrying public indifference
- Top 10 attack techniques on the web
May be interested
- Use HTTPS encryption connection when browsing the web
in this tutorial, i will show you how to maintain an encrypted connection between your computer and the visited websites. - Malware encryption (part 1)in today's age, encryption is everywhere, from the most ordinary things like e-mail sent / received to sophisticated things like secret keys, national codes. most users are more or less using different encryption mechanisms in their applications
- How to manage multiple browsing sessions in Google Chromethe fact that browsers currently do not allow multiple sessions simultaneously for the same site is a huge limitation. fortunately, third-party plugins can help accomplish this task.
- Which DNS encryption protocol best protects your web traffic?cybercriminals can often monitor dns traffic, making encryption essential to keep your browsing private and secure.
- Focus Sessions, the new anti-distraction feature on Windows 11yesterday, microsoft senior vice president panos panay revealed the improvements to the snipping tool on windows 11. recently, mr. panay continued to share about a completely new feature called focus sessions.
- What is end-to-end encryption? How does it work?online privacy is the need of the times. especially when there is a continuous increase in the number of techniques to steal user data.
- Learn Null Session attacksnull sessions, called ipc $ on a windows platform server, are an anonymous connection to a shared network that allows users in the network to access freely.
- The hyperlink test command is being used by hackers to perform DDoSresearchers have recently discovered that an html feature is called a hyperlink auditing, or ping for short, being used by hackers to execute ddos attacks. target multiple websites.
- Top 10 attack techniques on the websecurity experts have listed the top 10 attacks on the web and forecast online banking transactions at the highest risk of hackers. the discovery of duong ngoc thai, a vietnamese security expert, ranks first.
- The alarming increase in the number of attacks targeted at IoT devicesalong with the explosive growth of globalized internet and especially wireless connectivity, the number of attacks targeted internet devices and things (iot) has escalated 'scary. 'throughout 2018.
Attack the network
- Roboto Font Condensed install malware on your computer
- Hacker Instagram offered to sell personal information of 6 million accounts on DoxaGram
- MongoDB malicious code attacks more than 26,000 victims in a week
- Loop Bug 6-year life is again discovered, affecting most PDF viewers
- Critical error on Apache Struts2 allows hackers to take over the web server
- The same Skype ID malware author used to run IoT Botnet and apply for jobs
Roboto Font Condensed install malware on your computer
Hacker Instagram offered to sell personal information of 6 million accounts on DoxaGram
MongoDB malicious code attacks more than 26,000 victims in a week
Loop Bug 6-year life is again discovered, affecting most PDF viewers
Critical error on Apache Struts2 allows hackers to take over the web server
The same Skype ID malware author used to run IoT Botnet and apply for jobs