ALPACA gnaws through TLS protection to snarf cookies and steal data theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.
New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim s web browser to a different TLS service endpoint located on another IP address to steal sensitive information.
The attacks have been dubbed ALPACA, short for Application Layer Protocol Confusion - Analyzing and mitigating Cracks in tls Authentication, by a group of academics from Ruhr University Bochum, Münster University of Applied Sciences, and Paderborn University. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session, the study said. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
Share
A view of the T1 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
During the first four months of this year, the COVID-19 pandemic was still the number one news topic around the world; however, it became notably less prominent in the threat landscape. One could say “fortunately”, yet as you’ll see in our latest report, we are continuing to see worrying examples of cybercrooks being able to rapidly abuse trending vulnerabilities and flaws in configuration with focus on the highest ROI.
These abuses include the RDP protocol still being the number one target of brute-force attacks, increased numbers of cryptocurrency threats, and a steep increase of Android banking malware detections.