search for: threatposts

Lest anyone think STARTTLS MITM doesn't happen, https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Not only for security, I prefer port 993/995 as it's just plain simpler to initiate SSL from the get-go rather than to do some handshaking that gets you to the same point. Joseph Tam <jtam.home at gmail.com>

...> > Aki > Tath's help! But something still missing :( $ sudo doveadm -D -o imapc_user=tovis -o imapc_password=<password> -o imapc_host=nusi -R -u tovis imapc: Exited with messages (excerption - too many private information exposed): dsync(tovis): Debug: brain M: Mailbox INBOX.threatposts: local=00000000000000000000000000000000/0/0, remote=a557d4d9d858c0ceceef5cd10a973bdc/0/1: mailbox not selectable yet dsync(tovis): Debug: brain M: Mailbox INBOX.todo: local=00000000000000000000000000000000/0/0, remote=891e2fe9dc8874c0a19e496acf802566/0/1: mailbox not selectable yet dsync(tovis): De...

I see there's a release today or so from Oracle of a new zero-day vulnerability. Any idea how soon we'll have an update? <https://threatpost.com/en_us/blogs/oracle-rushes-emergency-java-update-patch-mcrat-vulnerabilities-030413> mark

If I read this correctly, starttls will fail due to the MITM attack. That is the client knows security has been compromised. Using SSL/TLS, the MITM can use SSL stripping. Since most Postifx conf use "may" for security, the message would go though unencrypted. Correct??? Is there something to enable for perfect forward security with starttls? ? Original Message ? From: s.arcus at

On 21/08/17 22:18, Joseph Tam wrote: > > Lest anyone think STARTTLS MITM doesn't happen, > > https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ > > Not only for security, I prefer port 993/995 as it's just plain simpler > to initiate SSL from the get-go rather than to do some handshaking that > gets you to the same

The CentOS team has been looking at the issue called out in these stories: http://threatpost.com/en_us/blogs/trivial-password-flaw-leaves-mysql-databases-exposed-061112 http://arstechnica.com/information-technology/2012/06/security-flaw-in-mysql-mariadb-allows-access-with-any-password-just-keep-submitting-it/ http://www.net-security.org/secworld.php?id=13076 According to the upstream provider

On 22.08.2017 03:56, Peter wrote: >>> Lest anyone think STARTTLS MITM doesn't happen, >>> >>> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ > Right, the attack does happen, but it can be prevented by properly > configuring the server and client. Dovecot, by default, requires STARTTLS before accepting plaintext

I like to retain some semblance of optimism for humanity, and so I'm just going to hope that this assertion is false. I have to hope that there is at least a large minority of people who correctly use ssh-agent for the suppression of password prompting, and protect their private keys with passwords.? -------- Original message -------- From: Dan Kaminsky <dan at doxpara.com> Date:

Hey all, Let's make an assumption: 1) I am a root user on a system. 2) I don't want said system being used as a jumping-off point if either a user account or the root account is compromised. Given an unencrypted private key, plus a known_hosts file, plus bash_history, it's a pretty easy avenue of attack once you're in the front door. And it's happened before*. Thus,

>> Lest anyone think STARTTLS MITM doesn't happen, >> >> https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Right, the attack does happen, but it can be prevented by properly configuring the server and client. >> Not only for security, I prefer port 993/995 as it's just plain >> simpler to initiate SSL from the get-go

> > >> On 30 Sep 2019, at 13.13, tovises via dovecot <dovecot at dovecot.org> >> wrote: >>> >> WOW! - amazing quickly, I'm really grateful. >> >> I was using: -u tovis imapc: nusi but still something wrong. >> Patstebin: https://pastebin.com/tH4wzJka >> The most relevant part (I think) is: >>