blueteamsec

623 readers

22 users here now

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

founded 2 years ago

MODERATORS

digicat

Using ADCS to Attack HTTPS-Enabled WSUS Clients (blog.digitrace.de)

submitted 1 month ago by digicat to c/blueteamsec

1 comments fedilink hide all child comments

top 1 comments

sorted by: hot top controversial new old

[–] faebudo 2 points 1 month ago

Oh wow. TL;DR They found out that, if you can do mitm on a TLS connection with valid certificates, you can impersonate the TLS secured service! I don't get from the article what the novelty is.

permalink
fedilink
source