Category : security

My program needs to sometime temporarely load some sensitive text content into an std::string variable. It is undesirable to keep this content in memory when it is not needed anymore. Am I correct thinking that when a string is explicitly cleared by calling clear(), swapped with an empty string or just gone out of scope, ..

Read more

I have a question regarding using Windows Cryptography API: Next Generation (CNG) and especially the Microsoft Software Key Storage Provider for storing private keys and using it for encryption/decryption that I can’t seem to find a good answer for on the Internet. By using CNG for encryption operations the keys are never exposed to the ..

Read more

I am currently taking classes for Cyber Security and having an issue. I have the following CVE (CVE-2017-8461) https://nvd.nist.gov/vuln/detail/CVE-2017-8461 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8461 There are two questions in my assignment that for the life of me, I am unable to ascertain from these links. I am not looking for the answers, but just helpful pointers so I can ..

Read more

I want to support older Windows versions, but non updated 7 and pre 7 operating systems do not support sha256 code signing, so they cannot detect that the executable/file is properly digitally signed. My questions are: How can i check if a system has this update (KB4474419) installed, or basically check if it supports sha256, ..

Read more