NSA: Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique – Hstoday – HSToday – Mediaboss Marketing

NSA: Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique – Hstoday – HSToday

Category: NSA

NSA released the Cybersecurity Information Sheet,Avoid Dangers of Wildcard TLS Certificates and the ALPACA Techniquetoday, warning network administrators about the risks of using poorly scoped wildcard Transport Layer Security (TLS) certificates. NSA recommends several actions web administrators should take to keep their servers secure. This guidance also outlines the risks of falling victim to a web application exploitation method called Application Layer Protocols Allowing Cross-Protocol Attacks (ALPACA), which malicious cyber actors can use to access sensitive information.

NSA is releasing this guidance as part of our mission to help secure the Department of Defense (DoD), National Security Systems (NSS) and Defense Industrial Base (DIB). Administrators should assess their environments and mitigate wildcard certificates and ALPACA risks.

Wildcard certificates are used to authenticate multiple servers and simplify credential management, saving time and money. However, if one server hosting a wildcard certificate is compromised, all other servers that can be represented by the wildcard certificate are put at risk. A malicious cyber actor with a wildcard certificates private key can impersonate any of the sites within the certificates scope and gain access to user credentials and protected information.

The ALPACA technique, which exploits hardened web applications through non-HTTP services secured using a TLS certificate whose scope matches the web application, further increases the risk of using poorly scoped wildcard certificates.

NSA recommends NSS, DoD, and DIB administrators ensure their organizations wildcard certificate usage does not create unmitigated risks, making their web servers vulnerable to ALPACA techniques. The Cybersecurity Information Sheet provides mitigations for poorly implemented certificates and ALPACA, including:

For more details on how to harden wildcard certificates against the ALPACA technique,read the full information sheet.

For additional cybersecurity guidance, visithttps://www.nsa.gov/Press-Room/Cybersecurity-Advisories-Guidance/.

Read more at NSA

See the article here:
NSA: Avoid Dangers of Wildcard TLS Certificates, the ALPACA Technique - Hstoday - HSToday

Related Posts

NSA Doval meets Brazilian counterpart to review cooperation in strategic areas | Latest News India - Hindustan Times - October 4th, 2025 [October 4th, 2025]
Red Hat allegedly hit by huge breach exposing major organizations, including the NSA - Cybernews - October 2nd, 2025 [October 2nd, 2025]
NSA officer injured after Maryland man drives through checkpoint, rams multiple police vehicles - WMAR 2 News Baltimore - September 30th, 2025 [September 30th, 2025]
Why should officials not be fined: HC on illegal NSA arrest - The Times of India - September 30th, 2025 [September 30th, 2025]
SKM demands to release Sonam Wangchuk, revoke imposition of NSA - The Times of India - September 30th, 2025 [September 30th, 2025]
Seoul's NSA reportedly says S.Korea unable to pay $350b upfront in investment in US for tariff deal; weaponizing alliance exposes nature of US... - September 30th, 2025 [September 30th, 2025]
'Delhi banega Khalistan': Freed Khalistani terrorist out on bail in Canada threatens India, targets NSA A - The Times of India - September 30th, 2025 [September 30th, 2025]
Two Days After His Detention Under NSA, Sonam Wangchuks Wife Says She Is Yet to Speak to Him - The Wire India - September 30th, 2025 [September 30th, 2025]
Sonam Wangchuk detained under NSA: What to know about National Security Act - The Indian Express - September 28th, 2025 [September 28th, 2025]
Evercore ISI Raises PT on National Storage Affiliates Trust (NSA) to $32, Maintains an Underperform Rating - Yahoo Finance - September 28th, 2025 [September 28th, 2025]
Sonam Wangchuk Arrested under NSA: Ladakh admin explains why he was moved to Jodhpur jail - Mint - September 28th, 2025 [September 28th, 2025]
NSA whistleblower Reality Winner on rebuilding her life in new memoir - MSN - September 21st, 2025 [September 21st, 2025]
Assessing the Valuation of National Storage Affiliates Trust (NSA) After Recent Share Price Moves - simplywall.st - September 19th, 2025 [September 19th, 2025]
NSA Warns iPhone And Android UsersClose All Apps If You See This - Forbes - September 17th, 2025 [September 17th, 2025]
US' Ex-NSA John Bolton: Trump Should Call Modi, Fix Relations, And Visit India For QUAD Summit' - Times of India - September 17th, 2025 [September 17th, 2025]
'Come To India': Ex-NSA's Words Of Wisdom To Trump On Tariff, Indo-US Ties - Times of India - September 17th, 2025 [September 17th, 2025]
Video NSA whistleblower Reality Winner on rebuilding her life in new memoir - ABC News - September 17th, 2025 [September 17th, 2025]
Former US NSA calls India proud and strong, criticises Trumps India strategy - The Shillong Times - September 17th, 2025 [September 17th, 2025]
Video | Ex-US NSA's Explosive Interview: 'Navarro Keeps Picking Fights' - NDTV - September 15th, 2025 [September 15th, 2025]
NSA, EFCC, DSS urged to probe alleged funding of bandits in Zamfara - The Guardian Nigeria News - September 15th, 2025 [September 15th, 2025]
Ex-US NSA Reveals Navarro Once Attempted Confrontation Between Donald Trump, PM Modi - News18 - September 15th, 2025 [September 15th, 2025]
Navarro tried to provoke Modi-Trump clash, claims ex-US NSA; says India should ignore the sideshow - Moneycontrol - September 15th, 2025 [September 15th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India- - The Times of India - September 13th, 2025 [September 13th, 2025]
Unqualified to be US Ambassador to India: Ex-US NSA slams Sergio Gor nomination; dismisses Navarros re - The Times of India - September 13th, 2025 [September 13th, 2025]
Trump's not thinking about the effects of his actions: Ex-US NSA John Bolton - The Times of India - September 13th, 2025 [September 13th, 2025]
NSA leaker Reality Winner is rebuilding her life -- and looking back at her past - NPR - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition: Ex-US NSA John Bolton flags number of concerns on Indian side - Mint - September 13th, 2025 [September 13th, 2025]
Peter Navarro Tried To Start Fight Between Trump, PM Modi: Ex US NSA - NDTV - September 13th, 2025 [September 13th, 2025]
'Erratic behaviour': Ex-US NSA John Bolton slams Trumps India tariffs; rejects claim of brokering India-Pak peace - MSN - September 13th, 2025 [September 13th, 2025]
India should see Trump as one-time proposition and act in its national interest: Ex-US NSA John Bolton - Tribune India - September 13th, 2025 [September 13th, 2025]
Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat' - The Record from Recorded Future News - September 11th, 2025 [September 11th, 2025]
Cyber Command, NSA to remain under the leadership of one person - SC Media - September 11th, 2025 [September 11th, 2025]
CISA, NSA and Partners Release Shared Vision of Software Bill of Materials for Cybersecurity Guide - Homeland Security Today - September 11th, 2025 [September 11th, 2025]
New Research Reveals How NSA is Affecting Providers, Consumers - MedLearn Publishing - September 11th, 2025 [September 11th, 2025]
NSA, CISA and others urge for unified approach to strengthen cybersecurity resilience - Digital Watch Observatory - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - KREM - September 9th, 2025 [September 9th, 2025]
NSA Director-General reassigned to Ministry of Finance - GhanaWeb - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - ABC10 - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 12News - September 9th, 2025 [September 9th, 2025]
Federal firefighter stationed at NSA Portsmouth saves passenger in cardiac arrest with life-saving CPR during flight - 13newsnow.com - September 6th, 2025 [September 6th, 2025]
Trump expected to nominate Lt. Gen. William Hartman to lead NSA, Cyber Command - Politico - September 5th, 2025 [September 5th, 2025]
Trumps personal rapport with PM Modi is gone, says former US NSA John Bolton; warns ties wont shield le - The Times of India - September 5th, 2025 [September 5th, 2025]
Trump threw aside India ties for family's business with Pakistan, says Ex-US NSA Jake Sullivan | Latest News India - Hindustan Times - September 5th, 2025 [September 5th, 2025]
CISA, NSA, global partners release SBOM Guidance urging cross-border adoption to boost software supply chain security - Industrial Cyber - September 5th, 2025 [September 5th, 2025]
Trump wrecked India ties for business interests in Pakistan: Fmr NSA | World News - The Times of India - September 5th, 2025 [September 5th, 2025]
Core4ce Appoints Former NSA Cybersecurity Director David Luber to Board of Advisors - Business Wire - September 5th, 2025 [September 5th, 2025]
Court to Either Trash or Withhold Controversy 'NSA Calls Log Evidence' Today - liberianobserver.com - September 5th, 2025 [September 5th, 2025]
Trump-Modi's very good relationship is gone now: Former US NSA Bolton - Business Standard - September 5th, 2025 [September 5th, 2025]
'Threw India ties aside for Pakistan business': Ex-US NSA Jake Sullivan blasts Trump; calls it a 'huge st - The Times of India - September 3rd, 2025 [September 3rd, 2025]
Former NSA Jake Sullivan accuses Trump of prioritising familys business ventures in Pakistan over India relations - The Indian Express - September 3rd, 2025 [September 3rd, 2025]
Predicting NSA.PRA trend using moving averages - Trade Volume Report & AI Powered Buy/Sell Recommendations - Newser - September 3rd, 2025 [September 3rd, 2025]
Is it time to cut losses on NSA.PRA - 2025 Year in Review & Real-Time Buy Zone Alerts - Newser - September 3rd, 2025 [September 3rd, 2025]
Can trapped investors hope for a rebound in NSA.PRB - July 2025 Action & Daily Profit Focused Stock Screening - Newser - September 1st, 2025 [September 1st, 2025]
Price action breakdown for NSA.PRA - July 2025 Pullbacks & Risk Adjusted Buy/Sell Alerts - Newser - September 1st, 2025 [September 1st, 2025]
Can a trend reversal in NSA.PRA lead to recovery - CPI Data & AI Powered Buy and Sell Recommendations - Newser - September 1st, 2025 [September 1st, 2025]
NSA, Other Agencies Release Advisory Against China-Sponsored Cyberthreats - ExecutiveGov - August 29th, 2025 [August 29th, 2025]
NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs - Security Affairs - August 29th, 2025 [August 29th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - Yahoo Finance - August 29th, 2025 [August 29th, 2025]
NSA.PRA stock outlook for YEAR - Quarterly Profit Summary & Long-Term Safe Investment Ideas - Newser - August 29th, 2025 [August 29th, 2025]
NSA, FBI, Others Say Chinese Tech Firms are Aiding Salt Typhoon Attacks - Security Boulevard - August 29th, 2025 [August 29th, 2025]
American brand globally is in the toilet: Former US NSA Jake Sullivan says Trumps massive trade offen - The Times of India - August 29th, 2025 [August 29th, 2025]
CISA, NSA, And FBI Warn Of Ongoing Chinese State-Sponsored Cyber Espionage - Information Security Buzz - August 29th, 2025 [August 29th, 2025]
What recovery options are there for NSA.PRA - July 2025 Update & Verified Momentum Watchlists - Newser - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Fame--A... - August 27th, 2025 [August 27th, 2025]
Top Resilience and Healthcare Keynote Speaker, Artist, Burn Survivor, and Entrepreneur, Allison Massari, Inducted into NSA Speaker Hall of Famea... - August 27th, 2025 [August 27th, 2025]
Joseph Francescon Announced as Next NSA Deputy Director - Homeland Security Today - August 26th, 2025 [August 26th, 2025]
Former National Security Agency (NSA) Director and Commander of U.S. Cyber Command Joins Accrete, Inc. as Strategic Board Advisor - PR Newswire - August 26th, 2025 [August 26th, 2025]
Former CRPF DG Anish Dayal Singh appointed deputy NSA - The Hindu - August 26th, 2025 [August 26th, 2025]
FBI raids Trump ex-NSA John Bolton days after outburst on India tariff - Tribune India - August 24th, 2025 [August 24th, 2025]
Is NSA.PRA reversing from oversold territory - 2025 Short Interest & Risk Adjusted Buy and Sell Alerts - Newser - August 24th, 2025 [August 24th, 2025]
Will a bounce in NSA.PRB offer an exit - Swing Trade & Weekly Top Performers Watchlists - Newser - August 24th, 2025 [August 24th, 2025]
Who is John Bolton? From Trump's ex-NSA to FBI target in classified information probe - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
Former intelligence analyst is named NSA deputy director - The Washington Post - August 22nd, 2025 [August 22nd, 2025]
FBI Raids Former US NSA John Bolton's Home Days After He Criticised Trump's Tariffs On India - Republic World - August 22nd, 2025 [August 22nd, 2025]
FBI raids home of former NSA John Bolton as part of investigation into classified documents - Audacy - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil | Latest News India - Hindustan Times - Hindustan Times - August 22nd, 2025 [August 22nd, 2025]
FBI raids Trump's former NSA John Bolton's Maryland residence after India tariffs outburst - theweek.in - August 22nd, 2025 [August 22nd, 2025]
FBI raids ex-Trump NSA John Boltons house, days after he criticised penalty tariffs on India - ThePrint - August 22nd, 2025 [August 22nd, 2025]
'Sanctions don't prohibit': Former Trump NSA John Bolton on India buying Russian oil - MSN - August 22nd, 2025 [August 22nd, 2025]
Will NSA.PRB outperform during market rallies - Portfolio Performance Report & Verified Technical Signals - baoquankhu1.vn - August 22nd, 2025 [August 22nd, 2025]

October 12th, 2021

No comments yet

Comments are closed.