#domainfronting β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #domainfronting, aggregated by home.social.
-
"π¨ CVE-2023-28807 - Domain Fronting Evasion in ZIA π¨"
An evasion technique identified as CVE-2023-28807, allows attackers to bypass Zscaler Internet Access (ZIA)'s domain fronting detection by exploiting a mismatch between Connect Host and Server Name Indication (SNI) in Client Hello messages. The vulnerability exploits how ZIA handles the SNI field during the TLS handshake process. The SNI is intended to indicate which host the client wants to connect to within a shared hosting environment, allowing the server to present the correct certificate for that host. However, due to this vulnerability, an attacker can manipulate the SNI in such a way that the security mechanisms fail to correctly identify and filter malicious traffic, enabling the attacker to hide malicious activities within what appears to be legitimate traffic.
This vulnerability, discovered and addressed by Zscaler. Users are urged to upgrade to version 6.2r.290 to mitigate this risk. π‘οΈπ»πTags: #Cybersecurity #CVE2023 #DomainFronting #Zscaler #NetworkSecurity #EvasionTechniques #MITREATTACK MITRE - T1587.003 πππ
-
Azure Networking has released an update which includes a feature that blocks domain fronting behavior on newly created customer resources, as well as feature enhancements to Azure Web Application Firewall (WAF). https://techcommunity.microsoft.com/t5/itops-talk-blog/what-s-new-in-azure-networking-january-2023-edition/ba-p/3724304 #AzureNetworking #DomainFronting #AzureWAF