Man-In-The-Middle Attacks

Business travellers putting organisations' cyber-security at risk

Business travellers putting organisations' cyber-security at risk

By

Private and corporate data are targets for hackers who are focussing their attention on rushed and stressed business people on the move.

Lenovo urges customers to uninstall dangerously flawed app from its systems

Lenovo urges customers to uninstall dangerously flawed app from its systems

By

Exploit could lead to man-in-the-middle attack against desktop and laptop systems running the Lenovo Accelerator Application.

Baidu browser found to drip personal data in the clear

Baidu browser found to drip personal data in the clear

By

The Baidu browser for Android and Windows has been shown by Toronto-based CitizenLab to not only collect the personal information of its users and send it back to the company's servers but do so with weak, or nonexistent, encryption.

ICYMI: New PayPal spam; WEF top risks; Ukraine cyber-attack; OpenSSH vulnerabilities; IoT Doorbell flawed;

ICYMI: New PayPal spam; WEF top risks; Ukraine cyber-attack; OpenSSH vulnerabilities; IoT Doorbell flawed;

By

The latest In Case You Missed It (ICYMI) looks at a new type of PayPal spam, WEF names cyber-attacks as one of its top three threats, Ukraine suffers major cyber-attack on main airport, OpenSSH open to MitM attacks and the IoT doorbell that reveals its owners wifi key.

Star Wars BB-8 vulnerable to firmware hacking

Star Wars BB-8 vulnerable to firmware hacking

By

Pen-testers manage to access insecure firmware update process on Star Wars BB-8

Drupal install process appears to be dripping

By

Thanks to a broken update procedure, installations of the Drupal CMS appear to be telling users that they are up-to-date despite still using older software.

Cyber-criminals could launch man-in-the-middle attack on Xbox Live users

Cyber-criminals could launch man-in-the-middle attack on Xbox Live users

By

Xbox Live keys "inadvertently disclosed"

Internet of malicious things: Yale home automation vulnerable

Internet of malicious things: Yale home automation vulnerable

By

The Yale Home System (Europe) Android application vulnerable to a man-in-the-middle attack due to TLS errors .

The Vawtrak Trojan reemerges tougher and sneakier

The Vawtrak Trojan reemerges tougher and sneakier

By

The Vawtrak bug back and meaner than ever, say Proofpoint researchers

Researcher warns of vulnerability in Popcorn Time

Researcher warns of vulnerability in Popcorn Time

By

Hackers could gain control of PC using 'Netflix for pirates' using its connection to CloudFlare made over HTTP instead of HTTPs to allow man in the middle attack.

ICYMI: WordPress XSS flaw, costly breaches & the return of Snooper's Charter

ICYMI: WordPress XSS flaw, costly breaches & the return of Snooper's Charter

By

The latest ICYMI column looks at the latest WordPress XSS flaw, costly data breaches and the return of the controversial "Snooper's Charter".

ICYMI: Lenovo MiTM bug, 'hero' Snowden & cyber-insurance trust

ICYMI: Lenovo MiTM bug, 'hero' Snowden & cyber-insurance trust

By

This week's In Case You Missed It (ICYMI) column looks at the latest Lenovo flaw, Edward Snowden's standing in the UK, trust in cyber-insurance and a new version of TorrentLocker.

Updated: PC maker Lenovo exposes users to "massive security risk"

Updated: PC maker Lenovo exposes users to "massive security risk"

By

World number one PC maker Lenovo has been accused of running a "massive security risk" because flaws in its online product update service allow hackers to download malware onto its users' systems through a man-in-the-middle (MiTM) attack.

Son of Superfish, Lenovo bloatware variants start to surface

Son of Superfish, Lenovo bloatware variants start to surface

There are as many as a dozen variants of the Superfish bloatware found last week on Lenovo laptops, it has been discovered.

Pre-installed Lenovo adware hijacks TLS/SSL encryption

Pre-installed Lenovo adware hijacks TLS/SSL encryption

By

Lenovo's consumer laptops ran pre-installed adware/malware which could be used to intercept and hijack encrypted SSL/TLS web sessions.

Alarm bells ring for Internet of Things after smart TV hack

Alarm bells ring for Internet of Things after smart TV hack

By

Two researchers from Colombia University in the US have found that millions of internet-connected TVs could be taken over in a man-in the-middle attack.

Apple criticised despite fixing iOS 7 and OS X flaws

Apple criticised despite fixing iOS 7 and OS X flaws

By

Apple has been criticised despite correcting various security flaws on iOS 7 and OS X Lion and Mountain, with one such bug allowing hackers to intercept data via an SSL connection in a Man-in-the-Middle (MiTM) attack.

WhatsApp flaw leaves users open to spying

WhatsApp flaw leaves users open to spying

By

Global messaging service WhatsApp, now part of Facebook, has owned up to a security flaw which leaves it open to man-in-the-middle (MiTM) attacks.

DigiNotar hack details revealed by Dutch government

By

Details of the hack that lead to man-in-the-middle attacks on hundreds of thousands of Iranians' Google accounts and ultimately the liquidation of certificate authority DigiNotar have been released by the Dutch government.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US