Brandefense Academy
Your trusted hub for learning, developing, and mastering the skills that shape tomorrow's digital defense.
Discover Now
Your trusted hub for learning, developing, and mastering the skills that shape tomorrow's digital defense.
Discover NowAPRIL 26, 2022
[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]A cryptographic security vulnerability has been detected by security researchers in Java that allows threat actors to potentially capture communications and messages that should be encrypted, such as SSL communications and authentication processes (JWT).
The security vulnerability, called “Psychic Signatures,” monitored as CVE-2022-21449, is due to the incorrect application of the signature verification algorithm (ECDSA). Effective use of vulnerability results in the void of the integrity of content guaranteed by signatures.
The vulnerability affects Java 15, 16, 17, and 18 versions. In this context, it is recommended to immediately upgrade the vulnerable Java versions to the latest version (17.03 or 18.0.1) not to be the target of attacks that can be carried out using the vulnerability.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]
Take control of your digital security with an exclusive demo of our powerful threat management platform.
