#ssl

### Description `Undici.ProxyAgent` never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server. ### Impact This affects all use of HTTPS via HTTP proxy using **`Undici.ProxyAgent`** with Undici or Node's global `fetch`. In this case, it removes all HTTPS security from all requests sent using Undici's `ProxyAgent`, allowing trivial MitM attacks by anybody on the network path between the client and the target server (local network users, your ISP, the proxy, the target server's ISP, etc). This less seriously affects HTTPS via HTTPS proxies. When you send HTTPS via a proxy to a remote server, the proxy can freely view or modify all HTTPS traffic unexpectedly (but only the proxy). Example: ```js setGlobalDispatcher(new...

`TlsWyRand`'s implementation of `Deref` unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior.

By Owais Sultan Microsoft is a global leader in cloud storage and data protection. They prove that even the most respected… This is a post from HackRead.com Read the original post: How Data Landlords Put Their Tenants at Risk

Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk to when security controls fail.

A secure Web browser takes the top prize, and for the second year in a row malware detection is an afterthought.

Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24.

This advisory contains mitigations for an Infinite Loop vulnerability in the Siemens OpenSSL Affected Industrial Products.

For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the

By Deeba Ahmed The DDoS attack originated from 121 countries and was powered by a small botnet of only 5,067 hacked… This is a post from HackRead.com Read the original post: Cloudflare Thwarted Largest Ever HTTPS DDoS Attack

Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface.