all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Suspected MitM attack against jabber.ru XMPP server, where the attacker leveraged fraudulently-issued LetsEncrypt certificates

Add to bookmarks
Oct. 21, 2023, 7:10 a.m. | /u/tweedge

cybersecurity www.reddit.com

This community should be very interested in reports about a suspected MitM attack against `jabber.ru`, a popular Russian XMPP server. If this is true (and based on the reports, it *sure looks true*), the attacker obtained a MitM, issued valid certificates using LetsEncrypt, and snarfed up messages while remaining undetected for months.

* Evidence for the attack itself: [https://web.archive.org/web/20231021000855/https://notes.valdikss.org.ru/jabber.ru-mitm/](https://web.archive.org/web/20231021000855/https://notes.valdikss.org.ru/jabber.ru-mitm/)
* On mitigating MitM attacks in the modern day: [https://web.archive.org/web/20231021063637/https://www.devever.net/\~hl/xmpp-incident](https://web.archive.org/web/20231021063637/https://www.devever.net/~hl/xmpp-incident)

Now you might be asking yourself, *why is this a Meta/Mod …

attack attacker certificates community cybersecurity jabber letsencrypt mitm mitm attack popular reports russian server valid xmpp

Visit resource

More from www.reddit.com / cybersecurity

Got a job as a Information Security Engineer; any book recs? 7 hours ago | www.reddit.com
book books ccsp certification +13
Any CCISO holders that can offer insight into the exam? 8 hours ago | www.reddit.com
admin can compliance council +18
Penetration testing report 9 hours ago | www.reddit.com
app cybersecurity penetration penetration testing +2
UCF wins the National Collegiate Cyber Defense Competition 9 hours ago | www.reddit.com
competition cyber cyber defense cybersecurity +4
Composition of roles in a security team 11 hours ago | www.reddit.com
cybersecurity endpoint grc interest +12
How much knowledge do you guys know about the industry that you work in? 15 hours ago | www.reddit.com
banking cybersecurity etc gas +8
Cisco reveals zero-day attacks used by hackers to attack government networks in major threat campaign 16 hours ago | www.reddit.com
attack attacks campaign cisco +7
Any Fortune 100 company go all in on Microsoft E5 Security Suite? 1 day, 2 hours ago | www.reddit.com
all in cybersecurity defender defenders +12
Blueteam Certification like cybersecurity engineers 1 day, 4 hours ago | www.reddit.com
architect blueteam certification certifications +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs