Yes, it is possible in theory to forge the Web Server Certificate that is used in SSL/TLS communication. This is because the certificate is signed by a certificate authority that your browser trusts using a cryptographic hashing algorithm of a specific length. The hashing algorithms that have been used to… Continue reading
Search this site
Check out my other project…
- Create an EC2 that runs Chrome for sandboxed websurfing
- Check Multiple AWS S3 Buckets for Missing Default Encryption
- The Equifax Data Breach and the Apache Struts Vulnerability
- Test Early, Test Often
- Linux Hardening
- Information Security at Startup Companies
- Timestamp bash_history with every command
- Has SHA-1 been hacked?
#SEC545 https://t.co/ccnCaPJeBhScott Piper@0xdabbad00
VPC Flow Logs can now include the instance id, subnet id, and vpc id, along with a way to better identify the actual initiator of traffic.
Register for event: https://t.co/YBXKRBb2l6
@KennethGHartman @Cisco @Microsoft and @swimlane to share #cloudsecurity operations solutions that work, with a focus on providing specific technical advice directly from solution providers. FREE with discount code CloudForum2019.
Interesting k8s attacks in this weekly news summary. https://t.co/J6HUhIsb0X
Jcobson @Delta - "The core value proposition is: Am I satisfied coming to work, do I enjoy what I am doing, and am I getting paid for results?" https://t.co/eQhTj6Ihzq