The DUHK Vulnerability

October 25, 2017

There have been some news items floating around the Internet discussing a weakness in the ANSI X9.31 random number generator (RNG) known as DUHK (for Don't Use Hard-coded Keys) that had affected older FortiGate devices. An update was issued more than a year ago when the flaw was first announced to Fortinet.

Read more...

Previous Article
The Analysis of Apache Struts 1 ActionServlet Validator Bypass (CVE-2016-1182)
The Analysis of Apache Struts 1 ActionServlet Validator Bypass (CVE-2016-1182)

Apache Struts 1 ValidatorForm is a commonly used component in the JAVA EE Web Application that requires val...

Next Article
Cloud Migration a Challenge to Many

The number one challenge identified by Federal agencies in migrating to the cloud is expanding security mea...