Detecting GnuTLS CVE-2020-13777 using Zeek

Detecting GnuTLS CVE-2020-13777 using Zeek

By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their ...
Protecting Infrastructure With TLS Client Authentication

Protecting Infrastructure With TLS Client Authentication

Here at Threat Stack we really like Yubikeys — and they’re a critical part of our security program. Many folks know Yubikeys for their ability to generate one-time codes for use as ...
EH-Net - Daw - Ease Me Into Cryptography Part 4: TLS

Ease Me Into Cryptography Part 4: TLS – Applied Cryptographic Foundations

You made it to part 4! Here’s a quick overview of what we have broken down so far. We started with some basic vocabulary for cryptographic building blocks and talked about hash ...