whitehartstag writes "Black Hat 08 disclosed several SSL VPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-In-The-Middle attack on SSL VPN tunnels. This article walks you... ...full story at slashdot
from slashdot on Mon, Aug 18 2008
see also:
| 23 Dec 08 |
  |
Perfect MITM Attacks With No-Check SSL Certs » slashdot StartCom writes "In a previous article I reported about Man-In-The-Middle attacks and spotlighted an example showing that they really happen. MITM attacks just got easier. In the attack described previously, untrusted certificates from an unknown issuer... |
| 05 Nov 09 |
|
Man-In-the-Middle Vulnerability For SSL and TLS » slashdot imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without... |
| 23 Feb 09 |
|
SSLStrip Now In the Wild » slashdot An anonymous reader writes "Moxie Marlinspike, who last week presented his controversial SSL stripping attacks at Black Hat Federal, appears to have released his much-anticipated demonstration tool for performing MITM attacks against would-be SSL... |
| 08 Feb 10 |
|
Zero-Day Vulnerabilities On the Market » slashdot An anonymous reader writes "Zero-day vulnerabilities have become prized possessions to attackers and defenders alike. As the recent China-Google attack demonstrated, they are the basis on which most of the successful attacks are crafted these days. There... |
| 09 Feb 08 |
|
Adobe PDF Exploits In the Wild » slashdot mambosauce writes "Brian Krebs, via the security fix blog is reporting that the recent PDF vulnerabilities which were patched only for Adobe Reader 8 and not 7 are being exploited via banner ads. As if there haven't been enough banner ad attacks this year... |
china
thailand
japan
technology