HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Click here to visit Original posting

Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.

The problem was found by Google vulnerability researcher Tavis Ormandy in the SSL/TLS traffic inspection feature that Kaspersky Anti-Virus uses to detect potential threats hidden inside encrypted connections.

Like other endpoint security products, Kaspersky Anti-Virus installs a self-signed root CA certificate on computers and uses it to issue "leaf," or interception, certificates for all HTTPS-enabled websites accessed by users. This allows the product to decrypt and then re-encrypt connections between local browsers and remote servers.

To read this article in full or to leave a comment, please click here

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks

Your Apple Watch is now a very handy remote for Apple TV 4K, thanks to watchOS 11

New teaser for The Sandman season 2 reveals dreamy first looks at its Norse gods, a fraught family feast, and a 2025 Netflix release window

The Huawei Watch D2 is a surprise sequel to one of 2022’s weirdest watches

Stop Snapchat using your new AI Selfie in ads by turning off this one setting