The cyber-gang behind the now defunct FinFisher man-in-the-middle attacks has switched over to using a new spyware dubbed StrongPity2 and is now using several popular websites to conduct watering hole attacks.
Misconfigured Amazon Web Service (AWS) S3 buckets that allow public writes are enabling man-in-the-middle (MITM) attacks on servers containing data from leading news media, retail and well-known cloud services.
Security researchers have advised the patching of a critical vulnerability in the DNS client used in Windows. The flaw could allow hackers to gain access to a target system.
Billions of Bluetooth devices, including those running on Android, iOS, Linux, and Windows, contain vulnerabilities that can allow malicious actors to remotely execute code, take over devices, and perform (MitM) attacks.
SSL inspection is much more widespread than previously thought and could help a MiTM attack, leading the US-CERT, part of the DHS in America, to issue a special advisory.
Private and corporate data are targets for hackers who are focussing their attention on rushed and stressed business people on the move.
Exploit could lead to man-in-the-middle attack against desktop and laptop systems running the Lenovo Accelerator Application.
The Baidu browser for Android and Windows has been shown by Toronto-based CitizenLab to not only collect the personal information of its users and send it back to the company's servers but do so with weak, or nonexistent, encryption.
ICYMI: New PayPal spam; WEF top risks; Ukraine cyber-attack; OpenSSH vulnerabilities; IoT Doorbell flawed;
The latest In Case You Missed It (ICYMI) looks at a new type of PayPal spam, WEF names cyber-attacks as one of its top three threats, Ukraine suffers major cyber-attack on main airport, OpenSSH open to MitM attacks and the IoT doorbell that reveals its owners wifi key.
Pen-testers manage to access insecure firmware update process on Star Wars BB-8
Thanks to a broken update procedure, installations of the Drupal CMS appear to be telling users that they are up-to-date despite still using older software.
Xbox Live keys "inadvertently disclosed"
The Yale Home System (Europe) Android application vulnerable to a man-in-the-middle attack due to TLS errors .
The Vawtrak bug back and meaner than ever, say Proofpoint researchers
Hackers could gain control of PC using 'Netflix for pirates' using its connection to CloudFlare made over HTTP instead of HTTPs to allow man in the middle attack.
The latest ICYMI column looks at the latest WordPress XSS flaw, costly data breaches and the return of the controversial "Snooper's Charter".
This week's In Case You Missed It (ICYMI) column looks at the latest Lenovo flaw, Edward Snowden's standing in the UK, trust in cyber-insurance and a new version of TorrentLocker.
World number one PC maker Lenovo has been accused of running a "massive security risk" because flaws in its online product update service allow hackers to download malware onto its users' systems through a man-in-the-middle (MiTM) attack.
There are as many as a dozen variants of the Superfish bloatware found last week on Lenovo laptops, it has been discovered.
Lenovo's consumer laptops ran pre-installed adware/malware which could be used to intercept and hijack encrypted SSL/TLS web sessions.
Two researchers from Colombia University in the US have found that millions of internet-connected TVs could be taken over in a man-in the-middle attack.
Apple has been criticised despite correcting various security flaws on iOS 7 and OS X Lion and Mountain, with one such bug allowing hackers to intercept data via an SSL connection in a Man-in-the-Middle (MiTM) attack.
Global messaging service WhatsApp, now part of Facebook, has owned up to a security flaw which leaves it open to man-in-the-middle (MiTM) attacks.
Details of the hack that lead to man-in-the-middle attacks on hundreds of thousands of Iranians' Google accounts and ultimately the liquidation of certificate authority DigiNotar have been released by the Dutch government.