Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
An attacker can take advantage of weak cipher suites after first detecting the weak cipher and then implementing decryption tools. Weak cipher suites can expose sensitive data or facilitate a machine-in-the-middle (MITM) attack.
Kill Chain
Risk Score
61
A cipher suite is a unique set of algorithms that encrypts and decrypts TLS communications between a client and server, such as the exchange of session keys and data. Cipher suites that contain weak algorithms are vulnerable to attack.
The following cipher suite algorithms are considered weak:
Cipher Block Chaining (CBC): This algorithm has multiple known vulnerabilities, including those related to the Lucky Thirteen (CVE-2013-0169), POODLE (CVE-2014-3566), and BEAST (CVE-2011-3389) attacks.
Data Encryption Standard (DES): This algorithm is considered insecure because the 56-bit key is too small.
Triple Data Encryption Algorithm (3DES): This algorithm has a known vulnerability (CVE-2016-2183).
Rivest Cipher 4 (RC4): This algorithm is considered insecure because of biases in the RC4 keystream that can be exploited.
null: This value indicates that no encryption algorithm is applied to the data.
anon: This value indicates that no authentication is applied to the data.
export: These algorithms were developed to be weak to meet previous United States export laws.
Implement strong cipher suites
Disable weak cipher suites on servers and clients
