Weak encryption is a real risk to data privacy and security. This article, based on Packet Detectives’ episode “The case of the unknown TLS versions,” shows how you can use packet capture (via Endace) and Wireshark to discover the outdated & vulnerable devices that exist on your network

Updates to TLS have significantly strengthened data Privacy over the Internet with the introduction of perfect forward secrecy and stronger crypto ciphers in TLS 1.2 and TLS 1.3. Stronger cyphers, which are almost impossible to crack using modern computers, protects the privacy of sensitive data as it traverses the Internet.

Weak cyphers can leave sensitive transactions exposed to brute force attacks and man-in-the-middle (MitM) attacks. For example, your login credentials, password, or sensitive data that displays in your web browser may be exposed if a cybercriminal decrypts a TLS session can be decrypted. It’s for this reason that the industry is rapidly moving to deprecate TLS 1.0 and 1.1.

Back in 2018, Google, Microsoft, Apple and Mozilla announced that their browsers will remove support for these Outdated Versions of TLS. Many cloud services, such as Office 365, have pledged to do the same.

To reduce the threat of these attacks and the consequences that accompany them, it’s essential that all of your devices, servers and applications are using the most recent versions of TLS (TLS 1.2 or later). But how can you tell what version of TLS encryption is being used? And how can you ensure that all of your connected devices and endpoints aren’t using outdated versions of the TLS protocol? We’ll walk you through the process of collecting network Packet data using Endace and Wireshark.

Let’s hash it out.

The post TLS Is Only as Strong as Its Weakest Link appeared first on Hashed Out by The SSL Store™.