TLS 1.0 enabled

Description

The web server supports encryption through TLS 1.0. When aiming for PCI or DSS, it is recommended to use TLS 1.3.

Bussines Impact

An attacker might be able to exploit this vulnerability to conduct MITM attacks and decrypt the traffic between the affected service and clients.

Recommendation

In order to prevent this vulnerability from happening, make sure that you disable TLS 1.0 and replace it with TLS 1.3.

Reference

https://docs.microsoft.com/en-us/security/engineering/solving-tls1-problem

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »

HTTP VS. HTTPS

You must have once wondered what HTTP means and what is the difference between that ugly word to HTTPS, and if not, then please read

Read More »