• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech Guide
  • Home Improvement
  • Gadget & Apps
  • Deals
  • News

Facebook and Carnegie Mellon University found a way to block man-in-the-middle attacks

By Guest Authors

Man-in-the-middle attacks have been one of the most notorious cyber threats that have been wreaking havoc to enterprises for years. This sort of attack is often difficult to combat because attackers operate in a highly stealthy manner, making it less noticeable to two individuals communicating over the Internet.

Detection is the key. Researchers from Facebook and Carnegie Mellon University have joined forces to build a system that security professionals and even regular Internet users can employ to detect man-in-the middle attacks.

Although the tool is not so recent as it has been under development for quite some time, Facebook was able to demonstrate it on its own network and concluded that could also be applied to other large enterprises. The technology was able to identify 6,845 tampered certificates from more than 3 million SSL connections during the course of the experiment.

mitm-attacks

Man-in-the middle attacks have been known to target corporate data, so it was not surprising when Facebook and Carnegie Mellon University researchers found that majority of the attack incidents occurred to commercial organizations. But governments and financial institutions have not been spared also from its wrath.

MITM attacks operate to redirect Web traffic through a malicious server in order to view or change a data in transit before it reaches the recipient. It takes place between a Web server and a browser. Even when the traffic between these two end points is protected by an SSL protocol, or more commonly called encrypted, attackers have a way to intercept the certificates in order to secretly join the communication line.

In order to spot changes in certificates, the researchers combined Web pages that are made accessible to select Facebook users with a Flash applet, which skirted the social network’s browser protocol and transmitted data contained in certificates to the researchers’ server.

IT security departments will be most interested in this method in order to monitor instances of man-in-the-middle attacks on users of its their corporate websites. It will also help a lot to protect stakeholders within an organization by ensuring that internal traffic between employees are not tampered.

There are also risks associated with anti-virus software tools installed on computers or cloud platforms, the research revealed. That is so because these products are built to serve as proxies that facilitate the flow of Internet traffic, and they are also sometimes susceptible to attacks. When this anti-virus software system deploys certificates instead of the browser’s certificate, the browser becomes incapable of authenticating certificates.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

Oleap Archer AI Meeting Headset Review: Smart Assistant or Redundant Tech?

SUNSEEKER ELITE X7 Robot Lawn Mower Review – Does Automated Lawn Care Work?

OptiSolex 400W Portable SolarBag Kit Review

Linkind Smart Solar Spotlight SL5C Review – Solar Smarts Done Right

Follow TechWalls

YoutubeFacebookXInstagram

Recent Posts

  • Water from dishwasher backing up in the kitchen sink – How To Fix It?
  • Stop Leaking On the Nut of BrassCraft Compression Valve
  • Oleap Archer AI Meeting Headset Review: Smart Assistant or Redundant Tech?
  • Father’s Day Gift Idea: garden pond waterfalls and fountains

Copyright © 2025 · All Rights Reserved