Thursday, January 21, 14:23
Home security EU: A patch has been released to fix vulnerabilities in the eIDAS system

EU: A patch has been released to fix vulnerabilities in the eIDAS system

eIDASThe European authorities have today released one patch for the eIDAS system, which is the abbreviation for electronic IDentification, Authentication and trust Services. The new patch fixes two major errors security. Hackers could use errors to represent themselves as European citizens or business representatives and make them illegal transactions.

EIDAS is a pretty complicated one system for secure management of electronic transactions and digital signatures between EU Member States, citizens and operational.

The eIDAS system was created in 2014. It is very useful because it allows EU governments, citizens, and businesses. conduct valid cross-border electronic transactions, regardless of country of origin.

The eIDAS-Node is the software that Europeans run users to servers for them to be able to do the transactions.

Therefore, any error in the software could cause many problems, since attackers could take advantage of it and violate digital transactions (eg tax payments, bank transfers, shipping of goods).

SEC Consult security researchers recently said they discovered two such errors that allowed hackers present themselves as European citizens or businesses.

According to the researchers, the software could not validate the certificates used in eIDAS transactions. So criminals could to falsify the certificate of any other citizen or business of eIDAS.

The attackers could access a Member State's eIDAS-Node server and use fake certificates during the initial authentication process.

Investigators conducted tests and found that the attack was feasible.

The European authorities have been informed of the vulnerabilities and a new update of the eIDAS-Node software has been released today. All Member States are urged to update their systems to avoid possible attacks.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...

Microsoft: "Zero trust" protects against sophisticated hacking attacks

According to Microsoft, the techniques used by the hackers of SolarWinds, were sophisticated but common and preventable. To avoid future attacks ...

US: Twitter locks Chinese embassy account due to "dehumanization"

Twitter said it locked the account of the Chinese embassy in the United States for a tweet about its women ...

Ransomware victims pay a ransom to prevent their data from being leaked

Keeping backups is very important, especially in cases of Ransomware attacks. However, it seems that the hackers are using new methods, with ...

QAnon fans: Disappointed on social media after Biden was sworn in

Some QAnon supporters have expressed frustration at online forums and chat rooms over Joe Biden's swearing-in. Most...

COVID-19: Amazon wants to help Biden distribute the vaccines

Amazon has offered to help President Biden distribute COVID-19 vaccines. The letter from Dave Clark, vice president ...

Nitro PDF: Leaked database with 77 million user files!

Hacker leaked on January 20 a stolen database containing email addresses, names and passwords for over ...

Hackers provide free online 2 million Pixlr user files!

Hackers have leaked 2 million Pixlr user files containing information that could then be used to execute ...
00:02:09

Donald Trump: Thanks to Lil Wayne, not to Julian Assange!

Outgoing US President Donald Trump will award today thanks to rapper Lil Wayne in a final wave of pardon that ...