HTTPS

Fileless Malware, Endpoint Attacks on the Rise
Cybercriminals are increasingly leveraging fileless malware, cryptominers and encrypted attacks, targeting users both at remote locations as well as corporate assets behind the traditional network perimeter. These were among the findings of ...

Chrome to Enforce HTTPS Web Protocol (Like It or Not)
What a difference an ‘s’ makes. This seemingly unimportant change could have a big—if unseen—impact ...

Getting the most out of your NIDS
By Jon Natkins, Product Manager, Corelight Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...
HTTP vs. HTTPS: How one letter can make a difference
You probably overlook it, and yet that letter protects your data every day. On March 12, 2021, the World […] The post HTTP vs. HTTPS: How one letter can make a difference ...
It’s Always DNS – But Not in the Way You May Think
A popular joke among technologists says that it’s always DNS, even when it initially didn’t seem that way. DNS issues come in many shapes and forms, including some often-overlooked security issues. DNS ...
Oblivious DNS-over-HTTPS
This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around the DNS query and passes it ...

Kazakhstan Spies on its People via Man-in-the-Middle Attack, Again
The Kazakh government is forcing its citizens to install a spyware root certificate, allowing authorities to crack open TLS traffic, such as HTTPS ...

APWG Q3 Report: Four Out of Five Criminals Prefer HTTPS
The Anti-Phishing Working Group (APWG), known for its collaborative analysis of phishing attacks and identify theft techniques, has released its Phishing Activity Trends Report for Q3 of 2020. Highlights from the report ...

Capturing Decrypted TLS Traffic with Arkime
The latest version of Arkime (The Sniffer Formerly Known As Moloch) can now be fed with a real-time stream of decrypted HTTPS traffic from PolarProxy. All that is needed to enable this ...

Capturing Decrypted TLS Traffic with Arkime
The latest version of Arkime (The Sniffer Formerly Known As Moloch) can now be fed with a real-time stream of decrypted HTTPS traffic from PolarProxy. All that is needed to enable this ...