New: Hackers can mess with HTTPS connections by sending data to your email server arstechnica.com/gadgets/2021/0…
Because the browser is communicating in HTTPS and the email or FTP server is using SMTP, or another protocol, the possibility exists that things might go horribly wrong—a decrypted authentication cookie sent to the attacker, for instance, or the execution of malicious code.
So-called cross-protocol attacks are possible when the webserver TLS certificate uses a domain name that's compatible with the cert of an email or FTP server. There are ~14.4m such webservers, 114,000 of which are exploitable b/c the email or FTP server uses vulnerable software.
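
The certificate condition described in the thread can be audited from a defender's own inventory. The following is an added example, not code from the thread or the linked article. It assumes "compatible" means the email or FTP server's certificate is also valid for the web server's hostname; the inventory and all hostnames are constructed.

```python
# Added example: the inventory below is constructed sample data.
def name_matches(pattern: str, hostname: str) -> bool:
    """Certificate name match: '*' is only honoured as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse over-broad wildcards such as '*.test'.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def cross_protocol_exposure(inventory):
    """Return (web_host, other_host, protocol, matching_name) for every
    non-HTTPS service whose certificate is also valid for a web hostname."""
    web = [s for s in inventory if s["protocol"] == "https"]
    others = [s for s in inventory if s["protocol"] != "https"]
    findings = []
    for w in web:
        for o in others:
            for san in o["cert_sans"]:
                if name_matches(san, w["host"]):
                    findings.append((w["host"], o["host"], o["protocol"], san))
                    break  # one matching name per service pair is enough
    return findings


# Constructed inventory: host, protocol, and subjectAltName entries per service.
INVENTORY = [
    {"host": "www.example.test", "protocol": "https", "cert_sans": ["*.example.test"]},
    {"host": "mail.example.test", "protocol": "smtp", "cert_sans": ["*.example.test"]},
    {"host": "ftp.example.test", "protocol": "ftp", "cert_sans": ["ftp.example.test"]},
    {"host": "shop.example.test", "protocol": "https",
     "cert_sans": ["shop.example.test", "www.example.test"]},
    {"host": "imap.example.test", "protocol": "imap",
     "cert_sans": ["imap.example.test", "shop.example.test"]},
]

if __name__ == "__main__":
    for web_host, other_host, proto, san in cross_protocol_exposure(INVENTORY):
        print(f"{web_host}: certificate on {other_host} ({proto}) is valid via {san}")
```

The FTP server is not flagged because its certificate names only itself; the shared wildcard and the multi-name certificate are what create the overlap.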

