-
Thanks your code.
I try to this code. And I checked attacked client is connected rogue AP.
But DHCP is not work. Attacked Client has real AP's IP. So Attacked client is not via on the Internet.
w…
-
Can we somehow display the GPG key of repositories for users?
So they can easily verify they are getting the correct repository and not some man.-in-the-middle attacked one?
This would be in /re…
-
It is weird that a program made for secure messaging doesn't have checksums and GPG fingerprints listed on its website. Currently if the site got hacked or if the files on it were replaced in a man in…
-
Sign in with Google temporarily disabled for this app
This app has not been verified yet by Google in order to use Google Sign In.
Is this a new issue or this is something wrong with my setup?
-
# Summary
It should be possible to enable `argocd-server` to serve the `Strict-Transport-Security` HTTP header. Organizational compliance requirements are trending to include this configuration req…
-
When an openssl-3.0 client wants to support brainpool server certificates,
but also allow TLS1.3 with RSA certificates, everything works fine, when
both client and server enable brainpool groups, in…
-
Vagrant disables `StrictHostKeyChecking` which means it's vulnerable to a man-in-the-middle attack, defeating the security assurances provided by SSH and calling into question the security of the inst…
-
### Cookbook version
5.0.0
### Chef-client version
12.18
### Platform Details
Jekins 2.32
ssh-slaves plugin 1.16
### Scenario:
Adding ssh Slaves
### Steps to Reproduce:
Create an ssh…
-
# Description of the bug
In the `Init` function of `index.go` located in `github.com/mickael-kerjean/filestash/server/plugin/plg_backend_ftp`, the FTPS (FTPs over TLS) connections are being establi…
-
Issue Severity: High
Issue Exploitability: Moderate
Issue Description:
The following classes within the App define an [insecure `Hostname Verifier ](https://developer.android.com/reference/javax/…