11 octombrie 2021

NSA Warns of Risks Posed by Wildcard Certificates, ALPACA Attacks

securityweek.com

The National Security Agency last week issued guidance on the risks associated with wildcard TLS certificates and Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA) techniques.Titled Avoid Dangers of Wildcard TLS Certificates and the ALPACA Technique , the new guidance encourages network administrators to ensure that the use of wildcard certificates does not create unwanted risks and that the enterprise environments are not vulnerable to ALPACA attacks .Web servers use digital [...]