Jul 09, 2024NewsroomVulnerability / Network Security Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request … [Read more...] about RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Protocol
Identifying malicious Remote Desktop Protocol (RDP) connections with Elastic Security
Lateral movement is a dangerous threat in the landscape of highly integrated technologies. If attackers gain access to an endpoint, it’s critical for security teams to identify any and all movements they make. To combat this threat, Elastic Security is excited to announce a new lateral movement detection package that makes use of advanced analytics.In the past, we explored how … [Read more...] about Identifying malicious Remote Desktop Protocol (RDP) connections with Elastic Security
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
May 26, 2023Ravie LakshmananICS/SCADA Security A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There … [Read more...] about New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
Cisco Interop: Discovery of Designated Resolvers Protocol Implemented
Earlier this year in a blog post, I shared a bit about our Auth-DoH idea. In case it’s not top of mind, let me help refresh your memory. Auth-DoH is essentially a safer way to publicly advertise private services. It’s a forward-looking idea to improve DNS security. Another forward-looking idea is Discovery of Designated Resolvers (DDR). DDR allows for upgrading from insecure … [Read more...] about Cisco Interop: Discovery of Designated Resolvers Protocol Implemented
New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users
High impact vulnerabilities in modern communication protocol used by mobile network operators (MNOs) can be exploited to intercept user data and carry out impersonation, fraud, and denial of service (DoS) attacks, cautions a newly published research.The findings are part of a new Vulnerabilities in LTE and 5G Networks 2020 report published by London-based cybersecurity firm … [Read more...] about New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users
How New ‘Delegated Credentials’ Boosts TLS Protocol Security
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS."Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections.In short, the new TLS protocol … [Read more...] about How New ‘Delegated Credentials’ Boosts TLS Protocol Security
Cisco Advances Communications Security with Completion of Automated Cryptographic Validation Protocol Testing
Today’s digital economy relies on secure communications in both our personal and business activities. We expect that when private data is transmitted over the internet, or other communications channels, it will be protected against tampering and prying eyes. The integrity and confidentiality of information is typically achieved using cryptography, mathematically based methods … [Read more...] about Cisco Advances Communications Security with Completion of Automated Cryptographic Validation Protocol Testing