TLS

PolarProxy + Docker

PolarProxy in Docker

| | AArch64, arm32, arm64, container, curl, DNAT, Docker, Dockerfile, HTTPS, pcap, PCAP-over-IP, pcapoverip, PolarProxy, proxy, TLS, TLSI, X.509, x509
Our transparent TLS proxy PolarProxy is gaining lots of popularity due to how effective it is at generating decrypted PCAP files in combination with how easy it is to deploy. In this ...
NETRESEC Network Security Blog
How To Protect Against SSL/TLS Flood Attacks Without Decryption Keys

SSL: Protective Technology Turned Attack Vector

| | ddos, encrypted attacks, encryption, HTTPS Flood Attack, ssl, SSL Attacks, TLS
SSL is increasingly being used to mask and further complicate attack traffic detection in both network and application level threats. The post SSL: Protective Technology Turned Attack Vector appeared first on Radware ...
Radware Blog
A bar chart graphic from Venafi showcases CIOs' concerns about security risks that relate to TLS certificate proliferation

New Study Finds 75% of CIOs Are Concerned About TLS Certificate-Related Security Risks

| | Industry Lowdown, Industry Research, Machine Identities, security risks, TLS
A recent survey from Venafi found that 93% of surveyed CIOs say they have over 10,000 certificates, and 74% said they’d recently experienced a certificate-related outage The post New Study Finds 75% ...
Hashed Out by The SSL Store™
Configuring Burp Suite to Proxy HTTPS Traffic on Linux

Proxying HTTPS Traffic with Burp Suite

| | Burp Suite, encryption, Penetration Testing, TLS, Web Application Security
This is easy to fix. All we need to do is tell our browser that the Burp CA can be trusted. Because every new installation of Burp generates a different CA, this ...
Professionally Evil Insights
DNS over TLS and DNS over HTTPS

DNS over TLS and DNS over HTTPS

| | Brave, Chrome, CloudFlare, Cobalt Strike, Command And Control, Corelight Labs, dns, DoH, DoT, Firefox, Godlua, goDoH, HTTPS, json, json+https, Malware, network security monitoring, network traffic analysis, opera, PsiXbot, TLS, TLS 1.3, Zeek
By Jamie Brim, Corelight Security Researcher In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). DoT and DoH were invented to address privacy concerns associated with cleartext ...
Bright Ideas Blog
Detecting GnuTLS CVE-2020-13777 using Zeek

Detecting GnuTLS CVE-2020-13777 using Zeek

| | Apache, Corelight Labs, CVE-2020-13777, GnuTLS, mitm, Network Security, network security monitoring, network traffic analysis, network visibility, Open Source Community, openssl, pcap, Public Key Cryptography, TLS, TLS 1.2, TLS 1.3, Zeek
By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their ...
Bright Ideas Blog
Analyzing Encrypted RDP Connections

Analyzing Encrypted RDP Connections

| | APT39, APT40, Corelight Labs, encryption, Microsoft, MITRE ATT&CK, MS-RDPBCGR, MS-RDPEUDP, MS-RDPEUDP2, open source, powershell, RDP, SharpRDP, SSH, TCP, TLS, Windows, Zeek
By Anthony Kasza, Corelight Security Researcher Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work ...
Bright Ideas Blog
Laptop, Raspberry Pi, PolarProxy, Internet ASCII

Discovered Artifacts in Decrypted HTTPS

| | adnxs.com, CS3, CS3Sthlm, decrypt, forensics, HTTP/2, http2, incoming.telemetry.mozilla.org, majestic, Majestik møøse, NetworkMiner, pcap, PolarProxy, reddit, telemetry, TLS, TLSI, Wireshark, x-moose, X-Proxy-Origin
We released a PCAP file earlier this year, which was recorded as part of a live TLS decryption demo at the CS3Sthlm conference. The demo setup used PolarProxy running on a Raspberry ...
NETRESEC Network Security Blog
TLS Termination Proxy

Reverse Proxy and TLS Termination

| | ALPN, certbot, decrypt, http, HTTPS, IMAPS, Let's Encrypt, pcap, PolarProxy, reverse proxy, reverse SSL proxy, reverse TLS proxy, SNI, ssl, TLS, TLS Termination Proxy
PolarProxy is primarily a TLS forward proxy, but it can also be used as a TLS termination proxy or reverse TLS proxy to intercept and decrypt incoming TLS traffic, such as HTTPS ...
NETRESEC Network Security Blog

IoT Device Attacks, FCC Fines Mobile Carriers, Let’s Encrypt Certificate Bug

| | ajit pai, Cybersecurity, Data breach, Data Privacy, fcc, HTTPS, Internet of things, iot, Let's Encrypt, location data, Mobile, passwords, Podcast, Podcast Episodes, Privacy, smartphone, ssl, T-Mobile, TLS, Weekly Blaze Podcast
In episode 111 for March 9th 2020: A new report shows that attacks on Internet of Things devices are on the rise, the FCC fines major mobile carriers for selling users’ location ...
Shared Security Podcast
Load more