Skip to main content

#Verpasstodon

Lauschangriff auf russischen Jabber-Server in Deutschland: Wer steckt dahinter?

Rein zufällig flog auf, dass sich Unbekannte mit einem eigenen Zertifikat in Jabber-Chat-Verbindungen einklinkten. Die Betreiber vermuten eine Polizeiaktion.

https://www.heise.de/news/Lauschangriff-auf-russischen-Jabber-Server-in-Deutschland-Wer-steckt-dahinter-9343653.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Jabber #Let'sEncrypt #ManintheMiddle #Security #XMPP


Lauschangriff auf russischen Jabber-Server in Deutschland: Wer steckt dahinter?

Dr. Christopher Kunz (heise online)
#xmpp #security #Jabber #verpasstodon #let #maninthemiddle
in reply to heise online

XSF: XMPP Standards Foundation
XSF: XMPP Standards Foundation

To reduce the risk of such attacks in the future an early stage service called CertWatch has been published by our Community: https://certwatch.xmpp.net/

https://fosstodon.org/@xmpp/111303395297803949

XSF: XMPP Standards Foundation

2023-10-26 21:17:10


#XSF Announcement

Recently there was an incident via a so called #man_in_the_middle attack happened to an #XMPP #server.

To reduce the risk of such attacks in the future an early stage service called CertWatch has been published by our Community: https://certwatch.xmpp.net/

Many thanks to Stephen P. Weber (@singpolyma)!

Read two related blog posts:
http://blog.jmp.chat/b/certwatch/certwatch

https://snikket.org/blog/on-the-jabber-ru-mitm/

#Jabber #mitm #security #vulnerability #machine_in_the_middle #chat


On the jabber.ru MITM attack

Reports of a possible recent interception of the public XMPP service jabber.ru have raised a lot of questions for people about how the attack happened, and whether it could affect them too. We have some answers.
snikket.org