Microsoft Windows CryptoAPI Spoofing Vulnerability

Microsoft Windows is a Windows operating system released by Microsoft Corporation in the U.S. Microsoft CryptoAPI is a Windows Security Services API provided by Microsoft to developers for cryptographic applications to encrypt, decrypt, sign, and verify data. A spoofing vulnerability exists in...

CVE-2014-2271

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java...

Inspecting TLS Web Traffic - Part 2

In the first blog post I covered why HTTPS web traffic has grown to unprecedented levels, provided a TLS primer and looked at the basic concept of intercepting and inspecting HTTPS web traffic with Man-In-The-Middle techniques MITM. In the second part, I will dive a bit deeper into how the TLS MI...

New Reductor Malware Hijacks HTTPS Traffic

Researchers have discovered a new malware strain, dubbed Reductor, that allows hackers to manipulate Hypertext Transfer Protocol Secure HTTPS traffic by tweaking a browser’s random numbers generator, used to ensure a private connection between the client and server. Once infected, Reductor is use...

iLO 2 <= 2.23 Denial of Service Vulnerability

A denial of service DoS vulnerability exists in Integrated Lights-Out iLO 2 due to incorrect handling of https traffic. An unauthenticated, remote attacker can exploit this issue to cause the application to stop responding. C Tenable Network Security, Inc. include"compat.inc"; if description...

Best security practices for Trusted TLS Intermediary

According to Google over 75% of public websites are accessed over encrypted connections using HTTPS, with the use of HTTP diminishing. As expected, the bad actors are following the crowds, and using HTTPS to hide their activities. So how can security solutions such as ETP Threat Protector detect...

ThreatList: A Ranking of Airports By Riskiest WiFi Networks

With time to spare at an airport, fliers don’t think twice about cracking open their laptops and taking advantage of one of many free WiFi hotspots. But they should, warns Coronet. Coronet, which sells wireless network security products, recently published its list of best and worst airport WiFi...

Empire GUI - Empire Client Application

The Empire Multiuser GUI is a graphical interface to the Empire post-exploitation Framework. It was written in Electron and utilizes websockets SocketIO on the backend to support multiuser interaction. The main goal of this project is to enable red teams, or any other color team, to work together...

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

WebClientPrint Processor 2.0.15.109 TLS Validation Vulnerability

RedTeam Pentesting discovered that WebClientPrint Processor WCPP does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in a disclosure of sensitive information and the integrit...

Superior and safe user experiences with the Akamai Cloud Delivery Platform

Your customers are unique and they all expect fast, secure, personalized digital experiences. They are spread across the world, in regions of varying network connectivity, utilize a plethora of devices and screen sizes - making it challenging to deliver your experiences. By delivering 95 Exabytes...

PT-2016-6905 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco ASA Software versions prior to 9.61.5 Description: A vulnerability in the local Certificate Authority CA feature could allow an unauthenticated, remote attacker to cause a reload of the affected system. The issue is due to improper...

WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack

Framework for Rogue Wi-Fi Access Point Attack Description WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5 Python 2.7 git clone...

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic

OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic. OpenSSL is an open-source cryptographic library that is the most widely being used b...

OpenSSL high-risk vulnerabilities allow attackers to decrypt HTTPS traffic-bug warning-the black bar safety net

OpenSSL maintainer to fix a high risk vulnerability allows an attacker can obtain the decryption of HTTPS and other encrypted traffic key. Vulnerability the potential impact of While serious, but the need to meet multiple criteria to be used: the vulnerability exists only in OpenSSL 1.0.2; rely o...

CVE-2015-6276

Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID...

Improper access control

Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID...

McAfee ePolicy Orchestrator Man-in-the-Middle Attack Vulnerability (Jun 2015)

McAfee ePolicy Orchestrator is prone to a man-in-the-middle MITM vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2015-1843

The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position...