maninthemiddleattacks Archives

Hot Topics

‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans

Richi Jennings | July 10, 2024 | blast radius, collision-based-hashing-algorithm-disclosure, CVE-2024-3596, hash, hash algorithms, hash function, hash functions, Man In The Middle, man in the middle attack, man in the middle attacks, maninthemiddleattacks, md5 hash, men-in-the-middle attack, mitm, MitM Attack, mitm attacks, RADIUS, SB Blogwatch

MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability ...

Security Boulevard

Critical Windows Vulnerability Discovered by NSA

Bruce Schneier | January 15, 2020 | certificates, cryptography, encryption, Exploits, maninthemiddleattacks, Microsoft, nsa, Windows, zeroday

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates ...

Schneier on Security

The NSA Warns of TLS Inspection

Bruce Schneier | November 22, 2019 | certificates, cryptanalysis, encryption, maninthemiddleattacks, nsa, TLS, trafficanalysis

The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows ...

Schneier on Security

New DNS Hijacking Attacks

Bruce Schneier | April 18, 2019 | dns, Espionage, Hacking, maninthemiddleattacks

DNS hijacking isn't new, but this seems to be an attack of unprecedented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker group it's calling Sea Turtle carried ...

Schneier on Security