“always declined. and for good reason. there are many examples when root certificates have been abused allowing potentially anyone to spy on the encrypted web traffic of others. 3 last week, however, kazakhstan gave up asking nicely and instead simply instructed its citizens to ma…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557Adversary-in-the-Middle
63%
“strict transport security ( hsts ) and http public - key pinning ( hpkp ) both permit this kind of interception – indeed organizations that make use of ssl intercepting proxies utterly rely on this capability. 8 if this interception were never permitted by industry standards, the…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1090.002External Proxy
61%
“request whilst on the network of an affected isp. to accomplish this, we had a few options : - stand up a virtual server in a local cloud provider - find a vpn endpoint that terminates in the affection region - find an open web proxy to send traffic out on our behalf having no lu…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.004Digital Certificates
45%
“always declined. and for good reason. there are many examples when root certificates have been abused allowing potentially anyone to spy on the encrypted web traffic of others. 3 last week, however, kazakhstan gave up asking nicely and instead simply instructed its citizens to ma…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557Adversary-in-the-Middle
43%
“kazakhstan attempts to mitm its citizens - government of kazakhstan asks its citizens to install digital certificate - the request comes under the pretext of improving the nation ’ s security - installing the certificate allows the government to intercept and decrypt traffic of a…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1557Adversary-in-the-Middle
33%
“on the web. interception of google. com, android. com and mail. ru allows the kazakh government to intercept and read some of the most popular messages services on the internet. curiously, some very popular messaging and social media sites, such as whatsapp, telegram, and wechat …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Kazakhstan is now asking its citizens to install digital certificates so that it can decrypt all online communications. Their methods, however, may leave the population vulnerable to cyber attacks for many years to come.