Security researchers at Fidelis have published a proof-of-concept framework for a new covert channel for data exchange using the Transport Layer Security (TLS) protocol. The method leverages the public key certificate standard X.509 and could allow for post-intrusion C2 communication and data exfiltration without alerting network perimeter protections. Justin Jett, Director of Audit and Compliance at Plixer commented below.
Justin Jett, Director of Audit and Compliance at Plixer:
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.