Bypassing MiniUPnP Stack Smashing Protection
By Talos Group This post was authored by Aleksandar Nikolic, Warren Mercer, and Jaeson Schultz. Summary MiniUPnP is commonly used to allow two devices which are behind NAT firewalls to communicate with each other by opening connections in each of the firewalls, commonly known as “hole punching”. Various software implementations of this technique enable various […]
Where is my (intermediate) TLS certificate?
By Tobias Mayer When dealing with TLS connections, it is important to understand how a client (in most cases this is a web browser) will be acting. Let’s quickly check some of the steps that are happening when a TLS connection is made. A web server will send its certificate down to the requesting client […]
Where is my (intermediate) TLS certificate?
By Tobias Mayer When dealing with TLS connections, it is important to understand how a client (in most cases this is a web browser) will be acting. Let’s quickly check some of the steps that are happening when a TLS connection is made. A web server will send its certificate down to the requesting client […]
Link Arms Against the Attackers: Observations from the 2016 Cisco ASR
By Martin Nystrom Remember 2007, when the underground economy began to flourish, using simple protocols and static subnet ranges to control their infrastructure? That was the same year Cisco published the first Annual Security Report (ASR) . Nine years later, the drumbeat of cyberthreats grow louder, but the actors and threats are familiar, just as […]
Link Arms Against the Attackers: Observations from the 2016 Cisco ASR
By Martin Nystrom Remember 2007, when the underground economy began to flourish, using simple protocols and static subnet ranges to control their infrastructure? That was the same year Cisco published the first Annual Security Report (ASR) . Nine years later, the drumbeat of cyberthreats grow louder, but the actors and threats are familiar, just as […]
McAfee Mail Security – End of Sales
McAfee Mail Security – End of Sales Intel Security stellt den Verkauf der Gateway-Security Produkte von McAfee ein. Dies zeichnete sich bereits ab, da die Lösung im Januar 2014 (VBSpam) letztmalig extern getestet wurde. Mit unserem Technologie-Partner Fortinet bieten wir einen einfachen Weg, Ihren Mailverkehr auch weiterhin aktuell zu schützen. FortiMail bietet „Top Rated Protection“ – […]
Hiding in Plain Sight: Malware’s Use of TLS and Encryption
By Blake Anderson Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a […]