Hot Topics

mitm

‘BrutePrint’ Unlocks Android Phones — Chinese Researchers

‘BrutePrint’ Unlocks Android Phones — Chinese Researchers

| | android, Authentication, authentication bypass, biometric, biometric authentication, biometric security, biometrics authentication, Biometrics-Based Authentication, BrutePrint, fingerprint, Fingerprint Scanners, fingerprint scanning, fingerprint sensors, fingerprints, iot, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attacks, SB Blogwatch, Trusted Execution Environment
Or, at least, OLDER phones: SPI/TEE MITM FAIL ...
Security Boulevard
RAT Borat Trojan Kazakhstan

Kazakhstan Spies on its People via Man-in-the-Middle Attack, Again

| | HTTPS, Kazakhstan, mitm, root certificates, SB Blogwatch, TLS
The Kazakh government is forcing its citizens to install a spyware root certificate, allowing authorities to crack open TLS traffic, such as HTTPS ...
Security Boulevard
Detecting GnuTLS CVE-2020-13777 using Zeek

Detecting GnuTLS CVE-2020-13777 using Zeek

| | Apache, Corelight Labs, CVE-2020-13777, GnuTLS, mitm, Network Security, network security monitoring, network traffic analysis, network visibility, Open Source Community, openssl, pcap, Public Key Cryptography, TLS, TLS 1.2, TLS 1.3, Zeek
By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their ...
Bright Ideas Blog

Bad Actors Using MitM Attacks against ASUS to Distribute Plead Backdoor

| | backdoor, IT Security and Data Protection, Latest Security News, mitm, Plead
Researchers believe bad actors are using man-in-the-middle (MitM) attacks against ASUS software to distribute the Plead backdoor. Near the end of April 2019, researchers at ESET observed several attack attempts that both ...
The State of Security
Lenovo Watch X Pairing - A Little Too Easy

Your Lenovo Watch X Is Watching You & Sharing What It Learns

| | , BLE, Blog, bluetooth, Checkmarx Security Research Team, Internet of things, iot, Lenovo Watch X, mitm, smart watch, Sniffing, Technical Blog
A friend of mine offered me a Lenovo Watch X – which costs around €60 – in return for helping him with a security project. I was impressed with the design and ...
Blog – Checkmarx
10 Tips to Take Control of Your Public Wi-Fi Security

10 Tips to Take Control of Your Public Wi-Fi Security

| | AppSec Tips & Best Practices, Blog, HTTPS, Man In The Middle, mitm, public Wi-Fi, public Wi-Fi security, public wireless security, ssl, virtual private network, VPN
The amazing ability to surf from anywhere sometimes distracts us from a very basic fact: the information may flow to us – but it can flow from us, in other, undesirable directions.So ...
Blog – Checkmarx

A week in security (July 9 – July 15)

| | ad blockers, android malware, crypto mining, Data breach, domestic abuse, facebook, ico fraud, mitm, Multi-Factor Authentication, prime day 2018, Security world, Spectre, Threat Intel, Week in security
A roundup of the security news from July 9 - July 15, including sextortion, Spectre, cryptomining, mobile malware, ICO scams and more. Categories: Security world Week in security Tags: ad blockersandroid malwarecrypto ...
Malwarebytes Labs

When three isn’t a crowd: Man-in-the-Middle (MitM) attacks explained

| | catchapp, FYI, https everywhere, Man In The Middle, Man-in-the-browser, man-in-the-cloud-man-in-the-iot, mitm, Phishing, spyeye, Superfish, wi-fi eavesdropping, zeus
Maybe it’s the quirky way some tech writers abbreviate it, or the surreal way it reminded you of that popular Michael Jackson song. Whatever triggers you to remember the term, for most ...
Malwarebytes Labs

ZipperDown: Remote Code Execution Attack on iOS Apps

| | .zip, Android vulnerability, insecure mobile apps, iOS Vulnerability, mitm, mobile app risk, Mobile Security Insights, mobile threat protection, Mobile Threat Research, Pangu Lab, Remote Code Execution, remote code execution attack, risky mobile apps, unencrypted wifi, unencrypted zip files, vulnearbilities, zip files, ZipperDown
On May 15, 2018, Pangu Lab announced the ZipperDown vulnerability, which allows a remote code execution attack on iOS apps. Although Pangu Lab did not disclose the details of the ZipperDown vulnerability, ...
Mobile Threat Blog Posts | Appthority

Mobile security: Enterprise data via mobile is the next frontier for cyber criminals

| | app-security, Data Privacy, eavesdropper, enterprise app risks, enterprise mobile security, enterprise mobile threats, Hackers, HospitalGown, Malware, mitm, Mobile Security, Mobile Security Insights, Mobile Security Tips, Ransom, sensitive data, Uber, Vulnerabilities
2018 will be the year cyber criminals focus on enterprise mobile security weak spots, exploiting them to harvest sensitive information. All organizations face new security challenges as their workers increasingly go mobile ...
Mobile Threat Blog Posts | Appthority
Load more