Security News > 2017 > March > JSON Libraries Patched Against Invalid Curve Crypto Attack (Threatpost)

JSON Libraries Patched Against Invalid Curve Crypto Attack (Threatpost)

2017-03-15 15:46

JSON libraries using the JWE specification to create, sign and encrypt access tokens have been patched against an attack that allows for the recovery of a private key.

News URL

http://threatpost.com/json-libraries-patched-against-invalid-curve-crypto-attack/124336/

#attack #crypto #json #libraries #threatpost

Related news

Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
LottieFiles hit in npm supply chain attack targeting users' crypto (source)
LottieFiles hacked in supply chain attack to steal users’ crypto (source)
LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.