Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites and messaging mobile applications.
The Password Reset Man in the Middle attack exploits the similarity of the registration and password reset processes. To launch such an attack, the attacker only needs to control a website. To entice victims to make an account on the malicious website, the attacker can offer free access to a wanted resource. Once the user initiates the account registration process by entering their email address, the attacker can use that information to initiate a password reset process.Read more
Researchers have devised a new attack that can decrypt secret session cookies from about 1 percent of the Internet's HTTPS traffic and could affect about 600 of the Internet's most visited sites.
For the many people that dislike corporate proxies, this probably won't be much of a surprise: a bunch of environments are vulnerable to man-in-the-middle attacks. “FalseCONNECT” is a combination of protocol bug and implementation error – which means it affects end users via operating systems, as well as network devices.
The problem is in how two Web protocols interact. If an attacker can see users' requests to connect, they can replace the proxy's OK message with “407 Proxy Authentication Required” message – and grab the victim's credentials. This is a potent attack, because the user's browser can then go ahead and establish their “trusted” connection via the proxy.Read more
Millions of Xiaomi phones are vulnerable to a flaw that could allow an attacker to remotely install malware. The vulnerability, now fixed, was found in the analytics package in Xiaomi's custom-built Android-based operating system.
Security researchers at IBM, who found the flaw, discovered a number of apps in the package that were vulnerable to a remote code execution flaw through a man-in-the-middle attack -- one of which would allow an attacker to run arbitrary code at the system-level. In other words, an attacker could inject a link to a malicious Android app package, which is extracted and executed at the system level.Read more
Android LG phones have a security vulnerability in the Update Center application which comes pre-installed on most LG phones. Researchers have discovered a vulnerability that exists on most LG phones which can potentially allow an attacker to replace an application with a malicious file that could lead to potentially disastrous consequences.
LG pre-installs custom applications on its phones which are otherwise not available for download on Google’s Play Store. Since they’re pre-loaded onto the phones, the devices contain a separate update method that fundamentally relies on a connection to a LG server.Read more
Local governments and law enforcement are becoming increasingly more reliant on networked surveillance cameras in order to monitor densely populated urban areas.
London is a notorious example of urban surveillance, where there is reportedly one camera for every 11 residents. Not surprisingly, many of these cameras, in London and elsewhere, are networked wirelessly into the Internet so they can be remotely monitored by law enforcement. Many of these wireless connections are not secure. As a result, though they are intended to combat crime, criminals.Read more
Scientists have identified weaknesses in the way popular cryptographic algorithm Diffie-Hellman key exchange is deployed – notably, they discovered an attack that could enable the reading and modifying of data passed over TLS connections.
The attack can be used by a MITM attacker to downgrade TLS connections to 512-bit export-grade cryptography that is weaker and easier to crack, thus enabling the reading and modifying of data. The attack is similar to the FREAK attack, except it attacks Diffie-Hellman key exchange as opposed to RSA key exchange, and is the result of a flaw in TLS protocol.Read more
A pair of computer scientists based in Europe have found a security vulnerability in the iPhone 5 series of smartphones that could be exploited by malicious software and compromise a user’s personal information.
The security flaw relies on steganography—the practice of hiding a message within another message. It’s related to cryptography, but whereas cryptography is the concealment of a message’s contents, steganography hides the fact that a secret message is being sent at all. Classic examples include embedding a message in a digital photo. But the computer scientists involved in the iPhone exploit have also found ways to hide messages using the network protocols.Read more
China mounted a cyberattack on users of Microsoft's Outlook email service, with the apparent goal of spying on their communications. People within China using email clients to connect to their Outlook, Hotmail or Live accounts were subjected to a "man-in-the-middle" attack in which the attacker tried to hijack what's normally a secure, encrypted connection.
The activist group believes this is the latest attempt by China to intercept and spy on communications that it can't easily monitor. Some users reported the attack when they saw error messages using email clients connecting to Outlook's servers via IMAP and SMTP, protocols used to send and receive emails.Read more
Microsoft is considering adding public-key pinning–an important defense against man-in-the-middle attacks–to Internet Explorer. The feature is designed to help protect users against the types of MITM attacks that rely on forged certificates, which comprise a large portion of those attacks.
Attackers use forged or stolen certificates to trick victims’ browsers into trusting a malicious site that the attacker controls. Public-key pinning helps prevent those attacks by binding a set of public keys issued by a trusted certificate authority to a specific domain. With that defense in place, if the user visits the site and is presented with a key that’s not part of the pinned set, the browser will reject the secure connection.Read more