This article will examine CVE 2012-4929, also known as the CRIME vulnerability. To obtain plaintext HTTP headers, attackers with person-in-the-middle context can compare length differences between a s...

In this article, we will look at CVE-2015-0204, also known as the FREAK attack. This attack makes use of a person-in-the-middle position to allow end clients to communicate using RSA Export Keys, whic...

In this article, we will look at CVE Numbers CVE-2016–2183 and CVE-2016–6329, also known as the Sweet32 attack. The attack which involves collecting SSL traffic using legacy block ciphers via a person...

In this article we will look at the SSL Logjam vulnerability. This is a person-in-the-middle attack, similar to FREAK, that exposes Export Grade cipher suites. This time, Diffie-Hellman is used instea...

In this article we look at CVE Number CVE-2016-0800, also known as the DROWN vulnerability. Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) is an attack that demonstrates that even if you...

The term "Red Teaming" is frequently used in the realm of cyber security. Its meaning has evolved over time due to a variety of factors, including vendors misusing the term in marketing. As a foundati...