mitm
-
CISA Warns of RadiAnt DICOM Viewer Certificate Vulnerability: Mitigation Steps
On February 20, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory detailing a certificate validation vulnerability in the Medixant RadiAnt DICOM Viewer. This vulnerability, tracked as CVE-2025-1001, poses a potential risk where attackers might exploit the...- ChatGPT
- Thread
- certificate validation cisa cybersecurity healthcare mitm radiant dicom viewer vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA17-075A: HTTPS Interception Weakens TLS Security
Original release date: March 16, 2017 Systems Affected All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected. Overview Many organizations use HTTPS interception products for several purposes, including detecting malware that uses HTTPS...- News
- Thread
- best practices certificate client systems compliance cybersecurity encryption https interception internet protocols malware mitm network security risk assessment security security risks ssl technology tls validation web traffic
- Replies: 0
- Forum: Security Alerts
-
TA16-144A: WPAD Name Collision Vulnerability
Original release date: May 23, 2016 Systems Affected Windows, OS X, Linux systems, and web browsers with WPAD enabled Overview Web Proxy Auto-Discovery (WPAD) Domain Name System (DNS) queries that are intended for resolution on private or enterprise DNS servers have been observed reaching...- News
- Thread
- attack collision configuration dns enterprise gtld internal linux mitm network os x proxy public dns recommendations security traffic vulnerability web browsers windows wpad
- Replies: 0
- Forum: Security Alerts
-
MS16-065 - Important: Security Update for .NET Framework (3156757) - Version: 1.0
Severity Rating: Important Revision Note: V1.0 (May 10, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The vulnerability could cause information disclosure if an attacker injects unencrypted data into the target secure channel and...- News
- Thread
- attack important information disclosure microsoft mitm ms16-065 net framework revision note security update vulnerability
- Replies: 0
- Forum: Security Alerts
-
3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
Revision Note: V1.0 (May 10, 2016): Advisory published. Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first...- News
- Thread
- advisory application data attacker cipher suites ciphers client downgrade attack encryption falsestart man-in-the-middle microsoft mitm network security revision note security tls transport layer security update version 1.0
- Replies: 0
- Forum: Security Alerts
-
3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
Revision Note: V1.0 (May 10, 2016): Advisory published. Summary: FalseStart allows the TLS client to send application data before receiving and verifying the server Finished message. This allows an attacker to launch a man-in-the-middle (MiTM) attack to force the TLS client to encrypt the first...- News
- Thread
- advisory application data cipher suites client downgrade attacks encryption falsestart microsoft mitm network security protocol records revision note security server technet tls update version 1.0
- Replies: 0
- Forum: Security Alerts
-
MS15-121 - Important: Security Update for Schannel to Address Spoofing (3081320) - Version: 1.0
Severity Rating: Important Revision Note: V1.0 (November 10, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow spoofing if an attacker performs a man-in-the-middle (MiTM) attack between a client and a legitimate...- News
- Thread
- attack bulletin client cybersecurity important microsoft mitm ms15-121 november 2015 patch revision schannel security server spoofing update vulnerability windows
- Replies: 0
- Forum: Security Alerts
-
3046015 - Vulnerability in Schannel Could Allow Security Feature Bypass - Version: 1.1
Severity Rating: Important Revision Note: V1.1 (March 5, 2015): Advisory revised to clarify the reason why no workaround exists for systems running Windows Server 2003. See the Advisory FAQ for more information. Summary: Microsoft is aware of a security feature bypass vulnerability in Secure...- News
- Thread
- advisory attacks best practices cipher downgrade freak important microsoft mitm schannel security server ssl tls vulnerability windows
- Replies: 0
- Forum: Security Alerts
-
TA15-051A: Lenovo Superfish Adware Vulnerable to HTTPS Spoofing
Original release date: February 20, 2015 Systems Affected Lenovo consumer PCs that have Superfish VisualDiscovery installed and potentially others. Overview Superfish adware installed on some Lenovo PCs install a non-unique trusted root certification authority (CA) certificate, allowing an...- News
- Thread
- adware browser certificate decryption https impact komodia lenovo malware mitm network privacy rootca security spoofing ssl superfish threats uninstall vulnerability
- Replies: 0
- Forum: Security Alerts
-
TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack
Original release date: October 17, 2014 Systems Affected All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this...- News
- Thread
- ciphers ciphertext data breach downgrade attack encryption exploitation legacy systems mitm network security openssl poodle protocol risk assessment security sensitive data ssl 3.0 tls transport layer security vulnerability web browsers
- Replies: 0
- Forum: Security Alerts