Day 1 detection: CVE-2020-0601, a community, and 40 lines of code

By Richard Bejtlich, Principal Security Strategist, Corelight On Tuesday, Jan. 14, 2020, the world learned of the vulnerability du jour, CVE-2020-0601. As explained by Microsoft, “a spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.” This blog post is not about the vulnerability. Rather, it’s about how leveraging the … Continue reading Day 1 detection: CVE-2020-0601, a community, and 40 lines of code