Connect with us
Microsoft has known about this since the beginning of the Microsoft has known about this since the beginning of the

Security

Microsoft has known about this since the beginning of the year: a dangerous vulnerability in Microsoft Office allows you to reveal user correspondence

Published

on

Researchers from cybersecurity company WithSecure have discovered a dangerous vulnerability in Microsoft Office.

According to Venture Beat, the error lies in the Microsoft Office message encryption service. Thanks to it, cybercriminals were able to uncover the block cipher of the electronic codebook (ECB), which contains information about the structure of each sent message.

Although this vulnerability cannot fully reveal the content of a conversation, an attacker is able to match email patterns and reveal protected information through inference.

Microsoft has known about this since the beginning of the year: a dangerous vulnerability in Microsoft Office allows you to reveal user correspondence

An attacker who gains access to encrypted emails can extract some information from the encrypted emails. Depending on the characteristics of the particular email content, the disclosure may be (almost) full or partial.

Garry Sintonen, Principal Security Consultant at WithSecure.

Garry Sintonen added that the more encrypted emails an attacker can collect, the easier it is for him to match patterns and decrypt the contents of the messages.

WithSecure claims to have notified Microsoft of the vulnerability back in January 2022. Despite the fact that Microsoft paid them a cash reward, the error was never fixed and remains in the system to this day.

Click to comment

Leave a Reply

Your email address will not be published.

Phones

Possibly hundreds of millions of smartphones are at risk. A vulnerability has been discovered that manufacturers are in no hurry to fix

Published

on

Possibly hundreds of millions of smartphones are at risk A

Google, as part of its Project Zero project, has published information about a new vulnerability CVE-2022-33917 that affects millions of smartphones.

Possibly hundreds of millions of smartphones are at risk.  A vulnerability has been discovered that manufacturers are in no hurry to fix

The fact is that we are talking about a vulnerability in Mali GPUs, which are used in a huge number of single-chip systems. Google does not specify, but the Arm website has information that the vulnerability affects solutions based on the Valhall architecture. And this means that we are talking about a huge number of graphics cores that have been and are being used in SoCs in recent years, including the latest Mali-Gx10. That is, we are not talking about millions of vulnerable smartphones, but rather hundreds of millions of devices based on SoC MediaTek, Exynos and Tensor.

Arm itself patched the vulnerability some time ago, but the problem is that many vendors still haven’t implemented those patches. This applies to many devices from Samsung, Xiaomi, Oppo and even Google itself.

If exploited, the vulnerability is intended to allow an attacker to read and write physical pages after they are returned to the system, potentially gaining wide access to user data.

Continue Reading

Gaming

Elon Musk invited a famous hacker of iPhone and PlayStation consoles to Twitter

Published

on

Elon Musk invited a famous hacker of iPhone and PlayStation

Elon Musk hired a hacker who created the world’s first iPhone jailbreak in 2007 and bypassed Sony consoles in 2010. We are talking about George Hotz (George Hotz), known under the nickname Geohot. He also founded the startup Comma.ai, where an autopilot system for cars is being developed.

Elon Musk invited a famous hacker of iPhone and PlayStation consoles to Twitter

In 2015, Hotz began building his own autopilot and offered Musk a license. Instead, the businessman invited a specialist to Tesla, but Hotz refused.

A November 16 Hotz wrote on Twitter, which supports Musk’s decisions about the “hardcore mode of operation.” He also stated that he was ready for an internship at Twitter with a minimum pay that is equal to the cost of living in San Francisco. Musk answered and invited the developer to Twitter.

Elon Musk invited a famous hacker of iPhone and PlayStation consoles to Twitter

George Hotz

First, the specialist will improve the advanced search in the social network so that users no longer set filters manually.

Earlier it was reported that Musk took up the “fire servers.”

Continue Reading

Security

Hackers hacked one of Nvidia’s Twitter accounts to “advertise” Dogecoin

Published

on

Hackers hacked one of Nvidias Twitter accounts to advertise Dogecoin

The official Nvidia Taiwan Twitter account has been hacked.

Hackers hacked one of Nvidia's Twitter accounts to

This account has been inactive since 2019, but today unexpectedly posted posts related to the Dogecoin cryptocurrency. Given the recent purchase of Twitter by Elon Musk and his love for this cryptocurrency, the situation looks quite funny.

Be that as it may, the attackers published a record about a certain Dogeathon 2022 event and added a link to the record. Of course, the link was used for phishing.

The account is currently suspended. Nvidia itself has not yet commented on the situation.

Continue Reading

Most Popular