all InfoSec news
CVE-2020-0601 and lsass.exe in EDR
Aug. 20, 2022, 10:15 a.m. | /u/ugonikon
cybersecurity www.reddit.com
​
in an EDR I noticed a few days ago an alert that marked the process lsass.exe as suspicious and gave the above CVE number as the reason.
​
CVE-2020-0601:
My understanding is that this vulnerability is aimed at generating custom certificates by exploiting a flaw in the Eliptic Curve. This malicious certificate can then be used, for example, to set up a fake domain or to sign own files. ([https://www.youtube.com/watch?v=8RI60aRyhoE](https://www.youtube.com/watch?v=8RI60aRyhoE))
​
To the EDR alert:
The process …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Computer and Forensics Investigator
@ ManTech | 221BQ - Cstmr Site,Springfield,VA
Senior Security Analyst
@ Oracle | United States
Associate Vulnerability Management Specialist
@ Diebold Nixdorf | Hyderabad, Telangana, India