blueteamsec

709 readers

1 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat@infosec.pub

Using ADCS to Attack HTTPS-Enabled WSUS Clients (blog.digitrace.de)

submitted 4 months ago by digicat@infosec.pub to c/blueteamsec@infosec.pub

1 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] faebudo@infosec.pub 0 points 4 months ago

Oh wow. TL;DR They found out that, if you can do mitm on a TLS connection with valid certificates, you can impersonate the TLS secured service! I don't get from the article what the novelty is.

permalink
fedilink
source