maninthemiddleattacks – SSL and internet security news

Critical Windows Vulnerability Discovered by NSA

January 15, 2020 infossl

certificates, cryptography, encryption, exploits, maninthemiddleattacks, microsoft, nsa, Security technology, vulnerabilities, windows, zeroday

Yesterday’s Microsoft Windows patches included a fix for a critical vulnerability in the system’s crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was … Read More “Critical Windows Vulnerability Discovered by NSA” »

The NSA Warns of TLS Inspection

November 22, 2019 infossl

certificates, cryptanalysis, encryption, maninthemiddleattacks, nsa, Security technology, tls, trafficanalysis

The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows enterprises to decrypt traffic, inspect the decrypted content for threats, and then re-encrypt the traffic before it enters or leaves the network. Introducing … Read More “The NSA Warns of TLS Inspection” »

New DNS Hijacking Attacks

April 18, 2019 infossl

dns, espionage, hacking, maninthemiddleattacks, Security technology

DNS hijacking isn’t new, but this seems to be an attack of unprecedented scale: Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organizations. In the process, they went so far as to compromise … Read More “New DNS Hijacking Attacks” »

Details on Recent DNS Hijacking

February 20, 2019 infossl

dhs, dns, maninthemiddleattacks, Security technology

At the end of January, the US Department of Homeland Security issued a warning regarding serious DNS hijacking attempts against US government domains. Brian Krebs wrote an excellent article detailing the attacks and their implications. Strongly recommended. Powered by WPeMatico

Real-Time Attacks Against Two-Factor Authentication

December 14, 2018 infossl

authentication, email, maninthemiddleattacks, phishing, Security technology, twofactorauthentication

Attackers are targeting two-factor authentication systems: Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets’ level of operational security, researchers with security firm Certfa Lab said in a blog post. The emails contained a hidden image that … Read More “Real-Time Attacks Against Two-Factor Authentication” »

Security Vulnerabilities in Certificate Pinning

December 8, 2017 infossl

academicpapers, certificates, maninthemiddleattacks, Security technology, vpn, vulnerabilities

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. From the paper: Abstract: Certificate verification is a crucial stage in the establishment of a TLS connection. A common security flaw in TLS implementations is the lack of … Read More “Security Vulnerabilities in Certificate Pinning” »

Man-in-the-Middle Attack against Electronic Car-Door Openers

November 28, 2017 infossl

cars, keys, maninthemiddleattacks, Security technology, theft

This is an interesting tactic, and there’s a video of it being used: The theft took just one minute and the Mercedes car, stolen from the Elmdon area of Solihull on 24 September, has not been recovered. In the footage, one of the men can be seen waving a box in front of the victim’s … Read More “Man-in-the-Middle Attack against Electronic Car-Door Openers” »

Cybercriminals Infiltrating E-Mail Networks to Divert Large Customer Payments

November 7, 2017 infossl

cybercrime, email, fraud, maninthemiddleattacks, Security technology

There’s a new criminal tactic involving hacking an e-mail account of a company that handles high-value transactions and diverting payments. Here it is in real estate: The scam generally works like this: Hackers find an opening into a title company’s or realty agent’s email account, track upcoming home purchases scheduled for settlements — the pricier … Read More “Cybercriminals Infiltrating E-Mail Networks to Divert Large Customer Payments” »

A Man-in-the-Middle Attack against a Password Reset System

July 3, 2017 infossl

academicpapers, maninthemiddleattacks, passwords, Security technology, securityengineering

This is nice work: “The Password Reset MitM Attack,” by Nethanel Gelerntor, Senia Kalma, Bar Magnezi, and Hen Porcilan: Abstract: We present the password reset MitM (PRMitM) attack and show how it can be used to take over user accounts. The PRMitM attack exploits the similarity of the registration and password reset processes to launch … Read More “A Man-in-the-Middle Attack against a Password Reset System” »

Separating the Paranoid from the Hacked

June 26, 2017 infossl

hacking, impersonation, maninthemiddleattacks, passwords, Security technology

Sad story of someone whose computer became owned by a griefer: The trouble began last year when he noticed strange things happening: files went missing from his computer; his Facebook picture was changed; and texts from his daughter didn’t reach him or arrived changed. “Nobody believed me,” says Gary. “My wife and my brother thought … Read More “Separating the Paranoid from the Hacked” »