The US National Security Agency (NSA) has issued a security bulletin warning organizations against the risks of wildcard TLS certificates and the ALPACA TLS attack technique that abuses them.
Let me remind you that wildcard certificates are TLS certificates, issued by certificate authorities, that cover every host directly under a domain at once (*.example.com). For years companies have used them to reduce cost and simplify management, because administrators can deploy the same certificate on every server. Alas, this convenience comes at a price: the private key is present on each of those servers, so if an attacker compromises any one of them, he can impersonate every host the certificate covers.
The NSA also warns about a newer attack, ALPACA (Application Layer Protocol Content Confusion Attack), which security researchers described in June of this year. ALPACA exploits certificates that are valid for several services at once, and a wildcard certificate shared between, say, a web server and a mail server is exactly that.
In essence, ALPACA lets an attacker positioned between the victim and the server redirect the browser's HTTPS connection to a different TLS-enabled service of the same organization, such as an FTP, IMAP, POP3 or SMTP server, that presents a certificate valid for the web server's hostname. The browser accepts the handshake, and the mismatch between what it sends (HTTP) and what the service expects is what the attacker exploits. According to the researchers who devised ALPACA, a successful attack "will allow [an attacker] to extract session cookies, other personal user data, or execute arbitrary JavaScript in the context of a vulnerable web server, bypassing TLS and web application protection."
A detailed description of ALPACA was published in June of this year, but at the time the problem was not treated as a serious threat: to carry out the attack, the attacker must already be able to intercept and redirect the victim's traffic (a man-in-the-middle position), which considerably limits the risk. Even so, over the summer the researchers warned that more than 119,000 web servers were potentially exposed to ALPACA.
The NSA is now urging organizations to take ALPACA seriously and to test whether their servers are vulnerable, especially organizations that handle sensitive information or are part of US government networks.
The NSA recommends several protective measures, including limiting the use and scope of wildcard certificates and enabling ALPN (Application-Layer Protocol Negotiation). ALPN is a TLS extension through which the client announces, in its ClientHello, the application protocol it intends to speak (for example http/1.1); a server configured to enforce it rejects the handshake when the client offers no protocol the server speaks, so an HTTPS connection that has been redirected to an FTP or IMAP server is refused before any application data is exchanged. The ALPACA researchers also recommend strict handling of SNI (Server Name Indication), so that a server refuses connections that name a hostname it does not serve.
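As an added example (not code from the NSA bulletin or the ALPACA paper), the following Python script ties together the two points above: why a browser accepts a mail server's wildcard certificate for www.example.com, and how a server-side strict ALPN/SNI policy refuses the redirected handshake. The hostnames, the *.example.com certificate, the redirect scenario and the use of "imap" as the mail server's ALPN identifier are assumptions made for the demo; the ClientHello records are constructed inline so the script runs offline.

```python
"""Added example: wildcard certificate scope and a strict ALPN/SNI policy.
Not code from the NSA bulletin or the ALPACA paper; names, ports and ALPN
identifiers below are illustrative assumptions."""
import struct

SNI_EXT, ALPN_EXT = 0x0000, 0x0010


def cert_covers(hostname: str, san_names: list[str]) -> bool:
    """Simplified RFC 6125 matching: '*' in the left-most label matches exactly one label."""
    host = hostname.lower().split(".")
    for name in san_names:
        labels = name.lower().split(".")
        if len(labels) != len(host):
            continue              # *.example.com covers neither a.b.example.com nor example.com
        if labels[0] == "*":
            if len(labels) >= 3 and labels[1:] == host[1:]:
                return True
        elif labels == host:
            return True
    return False


def build_client_hello(sni: str, alpn: list[str]) -> bytes:
    """Minimal TLS 1.2 ClientHello record with SNI and optional ALPN (constructed test input)."""
    name = sni.encode("ascii")
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name      # name_type = host_name
    sni_data = struct.pack("!H", len(sni_entry)) + sni_entry
    exts = struct.pack("!HH", SNI_EXT, len(sni_data)) + sni_data
    if alpn:                                   # legacy clients may omit ALPN entirely
        lst = b"".join(bytes([len(p)]) + p.encode("ascii") for p in alpn)
        alpn_data = struct.pack("!H", len(lst)) + lst
        exts += struct.pack("!HH", ALPN_EXT, len(alpn_data)) + alpn_data
    body = (b"\x03\x03" + bytes(32) + b"\x00"  # version, placeholder random, empty session id
            + struct.pack("!H", 2) + b"\xc0\x2f"  # one cipher suite
            + b"\x01\x00"                         # null compression only
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record: bytes) -> dict:
    """Return {'sni': host or None, 'alpn': [...]} from a ClientHello record."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a ClientHello record")
    body = record[9:9 + int.from_bytes(record[6:9], "big")]
    pos = 2 + 32                                             # version + random
    pos += 1 + body[pos]                                     # session id
    pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]     # cipher suites
    pos += 1 + body[pos]                                     # compression methods
    ext_end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    sni, alpn = None, []
    while pos + 4 <= ext_end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        if etype == SNI_EXT:                 # list len(2) name_type(1) name len(2) name
            n = struct.unpack("!H", data[3:5])[0]
            sni = data[5:5 + n].decode("ascii")
        elif etype == ALPN_EXT:              # list len(2) then (len(1) name)*
            p, end = 2, 2 + struct.unpack("!H", data[:2])[0]
            while p < end:
                n = data[p]
                alpn.append(data[p + 1:p + 1 + n].decode("ascii"))
                p += 1 + n
    return {"sni": sni, "alpn": alpn}


def strict_accept(record: bytes, served_hosts: set[str], served_protocols: set[str]):
    """Strict SNI/ALPN policy: refuse a client that names a host we do not serve or offers
    ALPN with no protocol we speak. A client sending no ALPN at all is still accepted
    (legacy mail clients); browsers always send ALPN, so redirected HTTPS is refused."""
    hello = parse_client_hello(record)
    if hello["sni"] is not None and hello["sni"].lower() not in served_hosts:
        return False, f"SNI {hello['sni']!r} is not served here"
    if hello["alpn"] and not any(p in served_protocols for p in hello["alpn"]):
        return False, f"no ALPN overlap, client offered {hello['alpn']}"
    return True, "accept"


# Constructed scenario: the attacker redirects the browser's connection meant for
# www.example.com:443 to the IMAPS port of mail.example.com, which presents the same
# *.example.com wildcard certificate. "imap" as that server's ALPN id is an assumption.
WILDCARD_SAN = ["*.example.com"]
MAIL_HOSTS, MAIL_PROTOCOLS = {"mail.example.com"}, {"imap"}
BROWSER_HELLO = build_client_hello("www.example.com", ["h2", "http/1.1"])
MAIL_CLIENT_HELLO = build_client_hello("mail.example.com", [])


def demo() -> dict:
    return {
        # the browser sees a certificate valid for the name it asked for, so it trusts it
        "browser_trusts_redirected_server": cert_covers("www.example.com", WILDCARD_SAN),
        # only the server's own extension checks can refuse the confused connection
        "strict_server_vs_browser": strict_accept(BROWSER_HELLO, MAIL_HOSTS, MAIL_PROTOCOLS),
        "strict_server_vs_mail_client": strict_accept(MAIL_CLIENT_HELLO, MAIL_HOSTS, MAIL_PROTOCOLS),
    }
```

Calling `demo()` shows the asymmetry: `cert_covers` returns True for the redirected connection, so the browser has no way to notice, while `strict_accept` refuses the browser's ClientHello (wrong SNI, and no ALPN overlap even if the SNI matched) and still accepts a legacy mail client that sends no ALPN. A production server does not parse raw records like this; it expresses the same policy in its TLS stack, for example by returning a fatal result from OpenSSL's ALPN selection callback so that the handshake ends with a no_application_protocol alert. The parser here only makes the decision visible.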
Let me remind you that I also reported that the FBI and NSA released a statement about attacks by Russian hackers.