Man in the middle News
January 29, 2016
A new OpenSSL patch fixes a severe encryption flaw and strengthens the protocol against the Logjam vulnerability.
January 12, 2016
Researchers in Germany have found two OAuth vulnerabilities, which could allow attackers to break the authorization and authentication standard. And an expert said the fix must be made to the standard itself.
November 11, 2015
Microsoft's November 2015 Patch Tuesday delivers 12 total bulletins, four of which are critical, and one issue with font handling that angers one expert.
July 17, 2015
News roundup: Are the tides turning on mobile app safety? One white hat hacker's attempt to reverse-engineer the Subway app offers surprising results. Plus: CloudFlare Transparency Report; another call to eliminate RC4; Black Hat attendant survey.
Man in the middle Get Started
Bring yourself up to speed with our introductory content
Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security. Continue Reading
A proof-of-concept attack on Apple's Siri allowed researchers to steal data from iOS. Learn more about the iStegSiri attack and how to defend against such threats. Continue Reading
Unwanted preinstalled software -- also known as bloatware -- has made its way onto PCs and mobile devices alike. Expert Nick Lewis explains how to detect and uninstall the potential threat. Continue Reading
Evaluate Man in the middle Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Let's Encrypt, a new open certificate authority, is coming soon. Expert Michael Cobb explores the merits of using free and open CAs and whether or not enterprises should explore them. Continue Reading
Lethal threats to enterprise information security are emerging from every which way. This ISM Insider Edition looks at what security professionals are up against: state-sponsored attacks, the rise of hacking via social media, and the spread of small, relatively autonomous devices with sensors and networking chips.
Besides the need to watch out for attacks from China, North Korea and other nations, today’s security pros must beware of the individual hacker, who has become more potent. Blended threats and improvements to man-in-the-middle exploit kits have made malware more available to less-skilled cybercriminals who can now launch drive-by attacks with just a few mouse clicks. Continue Reading
Native media encryption and regular Web browser updates mitigate WebRTC security threats. Authorization and fraud-prevention mechanisms can help, too. Continue Reading
Manage Man in the middle
Learn to apply best practices and optimize your operations.
MiTM attacks are including wireless networks among their targets, targeting vulnerabilities in applications, browsers, mobile, IoT and the cloud. Continue Reading
Email attacks are inevitable, so supporting incident response policies and procedures is necessary to ensure your enterprise is adequately prepared for an attack. Continue Reading
Flaws in the AFNetworking code library threaten iOS app security. Expert Michael Cobb explains how to prevent falling victim to the flaws. Continue Reading
Problem Solve Man in the middle Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
A Linux-based Moose worm causes social media fraud through infected routers. Expert Nick Lewis explains how the Moose worm works and how to avoid it. Continue Reading
Expert Michael Cobb discusses the TLS protocol flaw dubbed Logjam and explains how to detect if enterprise systems are at risk, as well as how to remediate them. Continue Reading
A new global email scam has cost enterprises millions. Expert Nick Lewis explains how to defend against man-in-the-email attacks with proper training and little technology. Continue Reading