searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • (IN)SECURE Magazine

MITM

Get our top stories in your inbox
Apple connection

AWDL flaws open Apple users to tracking, MitM, malware planting

July 31, 2019

Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in …

quantum

Who’s trying to eavesdrop on your customers’ encrypted mobile traffic?

August 20, 2018

The number one source of TLS/SSL Man in the Middle (MitM) attacks on encrypted mobile traffic are not corporate firewalls or captive portals used by hotels, airports and other …

Fox IT

Security company Fox-IT reveals, details MitM attack they suffered in September

December 15, 2017

Dutch IT security consultancy/service provider Fox-IT has revealed on Thursday that it has suffered a security breach, which resulted in some files and emails sent by the …

Windows

Bugs in Windows DNS client open millions of users to attack

October 10, 2017

In this month’s Patch Tuesday, Microsoft has included fixes for multiple critical memory corruption vulnerabilities in the Windows DNS client, which could be exploited …

Bluetooth

Billions of Bluetooth-enabled devices vulnerable to new airborne attacks

September 13, 2017

Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …

password

Password Reset MITM: Exposing the need for better security choices

June 23, 2017

Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …

Wi-Fi

Lure10: Exploiting Wi-Fi Sense to MITM wireless Windows devices

April 26, 2017

Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide …

BLU Studio G

Over 2.8 million cheap Android smartphones come with preinstalled backdoor

November 21, 2016

If you’re using a cheap Android smartphone manufactured or sold by BLU, Infinix, Doogee, Leagoo, IKU, Beeline or Xolo, you are likely wide open to Man-in-the-Middle …

bug

Kaspersky Safe Browser iOS app sports MITM SSL certificate bug

August 1, 2016

Security researcher David Coomber has unearthed a vulnerability (CVE-2016-6231) in the Kaspersky Safe Browser iOS app that effectively contradicts its name. As it turns out, …

UK map

UK banking customers targeted with Retefe Trojan with MitM capabilities

June 28, 2016

UK users are the latest targets of cyber crooks leveraging the Retefe banking Trojan and a rogue root certificate. The malware is out to steal online banking credentials of …

KeePass

KeePass update check MitM flaw can lead to malicious downloads

June 2, 2016

Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security …

Bug

WPAD name collision bug opens door for MitM attackers

May 24, 2016

A vulnerability in Web Proxy Auto-Discovery (WPAD), a protocol used to ensure all systems in an organization utilize the same web proxy configuration, can be exploited to …

Posts navigation

1 2
gap

Avoiding the next breach: Four tips for securing your apps

  • How DNS filtering works and why businesses need it
  • Supply chain examination: Planning for vulnerabilities you can’t control
  • Prevent credential stuffing and account takeover attacks with these expert tips
  • 5G IoT security: Opportunity comes with risks
Spot light
Webinar: How to secure complex, multi-cloud environments

What's new

G Suite

G Suite admins get restricted security code option

contactless payment

CPoC: New data security standard for contactless payments

Earth

2020 predictions: Rising complexity of managing digital risk

tools

The rise of continuous crowdsourced security testing for compliance

gap

Avoiding the next breach: Four tips for securing your apps

lock

How do SMBs plan to improve their security posture in 2020?

Don't miss

G Suite

G Suite admins get restricted security code option

gap

Avoiding the next breach: Four tips for securing your apps

tools

The rise of continuous crowdsourced security testing for compliance

Earth

2020 predictions: Rising complexity of managing digital risk

contactless payment

CPoC: New data security standard for contactless payments

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • Twitter

In case you’ve missed it

  • 5G IoT security: Opportunity comes with risks
  • Preventing insider threats, data loss and damage through zero trust
  • Hackers helping communities: Leveraging OSINT to find missing persons
  • Your supplier’s BEC problem is your BEC problem

(IN)SECURE Magazine ISSUE 63 (September 2019)

  • Identifying evasive threats hiding inside the network
  • Inside the NIST team working to make cybersecurity more user-friendly
  • Report: Black Hat USA 2019
  • Healthcare’s blind spot: Unmanaged IoT and medical devices
Read online
© Copyright 1998-2019 by Help Net Security
Read our privacy policy | About us | Advertise