Posts Tagged ‘man in the middle attack’

Security Vulnerabilities in Certificate Pinning

Dec

2017

New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks. Read More

Category Vulnerabilities Written by Schneier 0 Comments

Microsoft Update and The Nightmare Scenario

Jun

2012

About 900 million Windows computers get their updates from Microsoft Update. In addition to the DNS root servers, this update system has always been considered one of the weak points of the net. Antivirus people have nightmares about a variant of malware spoofing the update mechanism and replicating via it. Turns out, it looks like […]

Category General Written by F-Secure Antivirus Research Weblog 0 Comments

‘Gadget’ in the middle: Flame malware spreading vector identified

Jun

2012

In our FAQ on Flame posted on May 28, 2012, we postulated there might be a still undiscovered zero-day vulnerability in Flame: “At the moment, we haven’t seen use of any 0-days; however, the worm is known to have infected fully-patched Windows 7 systems through the network, which might indicate the presence of a high […]

Category General Written by Securelist / Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘man in the middle attack’

Security Vulnerabilities in Certificate Pinning

Microsoft Update and The Nightmare Scenario

‘Gadget’ in the middle: Flame malware spreading vector identified

Categories

Featured

Archives

Latest Comments

About Us

Contact Us