Category: certificates

Auto Added by WPeMatico

Messaging Service Wiretap Discovered through Expired TLS Cert

Posted on By infossl
certificates, man-in-the-middle attacks, privacy, Security technology, surveillance, tls, Uncategorized

Fascinating story of a covert wiretap that was discovered because of an expired TLS certificate: The suspected man-in-the-middle attack was identified when the administrator of jabber.ru, the largest Russian XMPP service, received a notification that one of the servers’ certificates had expired. However, jabber.ru found no expired certificates on the server, ­ as explained in … Read More “Messaging Service Wiretap Discovered through Expired TLS Cert” »

An Untrustworthy TLS Certificate in Browsers

Posted on By infossl
browsers, certificates, Security technology, tls, trust, Uncategorized

The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google’s Chrome, Apple’s Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to act as what’s known as a root certificate authority, a powerful spot in the internet’s infrastructure that guarantees websites are not fake, guiding … Read More “An Untrustworthy TLS Certificate in Browsers” »

The Misaligned Incentives for Cloud Security

Posted on By infossl
certificates, cloud computing, cyberattack, cyberespionage, essays, externalities, hacking, russia, Security technology, Uncategorized

Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and US federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems to then access cloud accounts … Read More “The Misaligned Incentives for Cloud Security” »

Let’s Encrypt Vulnerability

Posted on By infossl
certificates, encryption, Security technology, vulnerabilities

The BBC is reporting a vulnerability in the Let’s Encrypt certificate service: In a notification email to its clients, the organisation said: “We recently discovered a bug in the Let’s Encrypt certificate authority code. “Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of … Read More “Let’s Encrypt Vulnerability” »

Critical Windows Vulnerability Discovered by NSA

Posted on By infossl
certificates, cryptography, encryption, exploits, maninthemiddleattacks, microsoft, nsa, Security technology, vulnerabilities, windows, zeroday

Yesterday’s Microsoft Windows patches included a fix for a critical vulnerability in the system’s crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was … Read More “Critical Windows Vulnerability Discovered by NSA” »

The NSA Warns of TLS Inspection

Posted on By infossl
certificates, cryptanalysis, encryption, maninthemiddleattacks, nsa, Security technology, tls, trafficanalysis

The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows enterprises to decrypt traffic, inspect the decrypted content for threats, and then re-encrypt the traffic before it enters or leaves the network. Introducing … Read More “The NSA Warns of TLS Inspection” »

NordVPN Breached

Posted on By infossl
breaches, certificates, cryptography, disclosure, encryption, keys, Security technology, vpn

There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN’s network or for a variety of other sensitive purposes. The name of the … Read More “NordVPN Breached” »

New Reductor Nation-State Malware Compromises TLS

Posted on By infossl
attribution, certificates, kaspersky, malware, randomnumbers, russia, Security technology, tls

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it’s calling Reductor. The malware is able to compromise TLS traffic by infecting the computer with hacked TLS engine substituted on the fly, “marking” infected TLS handshakes by compromising the underlining random-number generator, and adding new digital certificates. The result is … Read More “New Reductor Nation-State Malware Compromises TLS” »

CAs Reissue Over One Million Weak Certificates

Posted on By infossl
authentication, certificates, encryption, randomnumbers, Security technology

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the … Read More “CAs Reissue Over One Million Weak Certificates” »

Detecting Phishing Sites with Machine Learning

Posted on By infossl
certificates, machinelearning, phishing, Security technology, spoofing

Really interesting article: A trained eye (or even a not-so-trained one) can discern when something phishy is going on with a domain or subdomain name. There are search tools, such as Censys.io, that allow humans to specifically search through the massive pile of certificate log entries for sites that spoof certain brands or functions common … Read More “Detecting Phishing Sites with Machine Learning” »