Got a question? Call 1800 853 276   |   
Contact usCheckoutContact us
Cyber Security Category Banner Image

TeLeScope can cause sleepless nights

By DDLS Webmaster | 14 September 2016

TeLeScope is a method to eavesdrop on TLS (hence the specific capitalisation in TeLeScope) communications between a virtualised server and a client without leaving any forensic evidence behind.

The attack capability was discovered by Bitdefender, who suggest that a CIO who outsources their virtualised infrastructure to third party providers should assume that all communications can be or has been snooped on by anyone knowledgeable enough to take advantage of the flaw.

“…we decided to publically disclose this in detail, as the social, economic and political stakes of passive traffic monitoring in virtualised environments are overwhelming”, states Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender.

The following Help Net Security article discusses the ramifications in relatively simple language, while Radu Caragea’s whitepaper discusses the method technically.

References:The Help Net Security article – Hypervisor wiretap feature can leak data from the cloud Radu Caragea’s whitepaper – TeLeScope – real-time peering into the depths of TLS traffic from the hypervisor

Are you protected by a Certified Ethical Hacker?

Terry

Want to learn more about how to protect your IT information and privacy? Attend the EC-Council Certified Ethical Hacker course at DDLS.


Feature Articles


Blog
What to look for in a cloud security system and in training
By Leif Pedersen | 19 February 2024
Read
Blog
Bridging the gap between innovation and safety with AWS security training
By Leif Pedersen | 26 January 2024
Read
eBook
Drive Innovation with IT Service Management Training
11 December 2023
Read
Blog
Unleashing the Power of Data Analytics: A Call for Governments and Public Sector Agencies
By Chloe Villanueva | 20 November 2023
Read