This PR updates wolfCLU to properly handle X509 name parsing following changes in wolfSSL's OBJ_sn2nid function behavior. The changes focus on how Distinguished Name (DN) components are processed when creating X509 certificates. These changes ensure wolfCLU properly handles X509 name components whe

A recent proof of concept (PoC) demonstrates a novel attack vector where an attacker embeds a complete Windows executable within an extension of an X.509 certificate. This technique leverages the trusted nature of HTTPS and certificates to deliver malicious payloads without traditional download mechanisms or HTTP requests. The attack involves the client retrieving the certificate via HTTPS, extracting the embedded executable, and running it locally. However, the effectiveness of this attack is limited by the presence of SSL inspection proxies, which replace the server's certificate with their own, thereby stripping out any non-standard extensions, including the malicious payload. This technique underscores the importance of SSL inspection and the need to monitor and validate certificate extensions. It highlights the creativity of attackers in finding new ways to smuggle malicious payloads and the necessity for robust security controls to mitigate such threats. Cybersecurity professionals should be aware of this technique and ensure that their defenses include SSL inspection and thorough certificate validation.

While pulling together some information for a previous blog, I had identified an interesting JSON Web Signature (JWS) header that I wanted to learn more about. In RFC 7515 Section 4.1, a list of registered header…

strongSwan is an open-source, modular and portable IPsec-based VPN solution

In this guest blog post, Sukhyung Shin, Senior IoT Solutions Architect - Strategy, Keyfactor, discusses how Azure IoT Hub and IoT Hub DPS can employ public...

Origin