NSA Warns Of Wildcard TLS Certificate Dangers, Expert Reacted

LastPass: DevOps Engineer Breached To Steal Password Vault Data

BACKGROUND:

The NSA is warning organizations to avoid using wildcard digital encryption certificates in order to minimize the risk from a new form of TLS traffic decryption attacks, dubbed “ALPACA.”
This attack, discovered in June, allows threat actors to confuse machine identities that run multiple protocols and trick servers to respond to encrypted HTTPS requests through unencrypted protocols. These unencrypted responses offer a means for cybercriminals to steal cookies and private user data.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Examining the Role of Asset Recovery in Safeguarding Data: Ten Points IT Professionals Should Know

An Ultimate Guide to Exchange Server Database Recovery

3 Key DSPM Takeaways from the Latest Gartner Report

Working With Us

Write For Us

The Pages