The majority of DHS subdomains vulnerable to Man in The Middle attacks
On 17th september there were 18 .dhs.gov entries in badssl , 11 of which vulnerable to Man in The Middle attacks and 4 to Poodle (TLS ) attack; United States Government Accountability Office has meanwhile found other issues which are probably bigger(?) than that, as the $6B firewall which seems hitting an impressive 6% of the total vulnerabilities selected for review: More specifically, for the five client applications we reviewed (Adobe Acrobat, Flash, Internet Explorer, Java, and Microsoft office), the NCPS intrusion detection signatures provided some degree of coverage for approximately 6 percent of the total vulnerabilities selected for review. ...by the way, here are the (SSL/TLS) facts about DHS as of today:
Comments