SECURITY RISKS FROM THE MODERN MAN-IN-THE-MIDDLE ATTACKS

Zoran P. Cekerevac, Petar Cekerevac, Lyudmila Prigoda, Fawzi Al-Naima

Abstract


This paper presents a detailed analysis of Man-in-the-Middle (MITM) attacks, covering their technology, historical examples, economic consequences, and managerial prevention activities. The study overviews modern Internet trends and discusses the weaknesses of current security measures, such as the Secure Sockets Layer and Transport Layer Security protocols, and the complexity of two-way trust relationships. Various techniques for launching MITM attacks are considered, including Address Resolution Protocol cache poisoning, Domain Name Server spoofing, session hijacking, and Secure Sockets Layer hijacking. A chronological overview of some well-known MITM attacks highlights a shift from laptops to mobile devices. It emphasizes the vulnerability of Bluetooth low-energy devices, estimating that around 80% of such devices are susceptible to MITM attacks. Overall, this paper provides a perceptive analysis of MITM attacks, their past and current manifestations, and the significant economic impact they can have on computer systems and users, and it underscores the crucial need for robust security measures.
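Of the techniques the abstract lists, Address Resolution Protocol cache poisoning is the one a network defender can observe directly: an IP address that is suddenly announced by a different hardware address, or one hardware address announcing many IP addresses. The passive monitor below is an added example, not code from the paper; the ARP replies it processes are constructed sample data, and the `max_ips_per_mac` threshold is an assumed tuning knob.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class ArpReply:
    """One observed ARP reply: which MAC claims which IP, and when (constructed data)."""
    sender_ip: str
    sender_mac: str
    timestamp: float


@dataclass
class ArpMonitor:
    """Passive monitor that remembers the first IP->MAC binding it sees for each IP."""
    max_ips_per_mac: int = 2  # assumed tuning knob: a router may legitimately own a few IPs
    bindings: dict = field(default_factory=dict)
    ips_by_mac: dict = field(default_factory=lambda: defaultdict(set))

    def observe(self, reply: ArpReply) -> list:
        alerts = []
        known = self.bindings.get(reply.sender_ip)
        if known is None:
            self.bindings[reply.sender_ip] = reply.sender_mac
        elif known != reply.sender_mac:
            # An IP re-announced by a different MAC is the signature of a poisoned
            # cache; DHCP reassignment looks the same, so correlate before acting.
            alerts.append(f"t={reply.timestamp}: {reply.sender_ip} moved from {known} to {reply.sender_mac}")
        ips = self.ips_by_mac[reply.sender_mac]
        ips.add(reply.sender_ip)
        if len(ips) == self.max_ips_per_mac + 1:  # fire once, when the threshold is crossed
            alerts.append(f"t={reply.timestamp}: {reply.sender_mac} claims {len(ips)} IPs {sorted(ips)}")
        return alerts


def analyze(replies) -> list:
    """Run the monitor over a sequence of replies and return all alerts in order."""
    monitor = ArpMonitor()
    alerts = []
    for reply in replies:
        alerts.extend(monitor.observe(reply))
    return alerts


# Constructed sample: a gateway and one client announce themselves, then a third
# MAC re-announces both of their addresses and a further one.
SAMPLE_REPLIES = [
    ArpReply("192.168.1.1", "aa:bb:cc:00:00:01", 0.0),
    ArpReply("192.168.1.10", "aa:bb:cc:00:00:10", 1.0),
    ArpReply("192.168.1.1", "de:ad:be:ef:00:01", 5.0),
    ArpReply("192.168.1.10", "de:ad:be:ef:00:01", 5.1),
    ArpReply("192.168.1.20", "de:ad:be:ef:00:01", 6.0),
]

if __name__ == "__main__":
    for line in analyze(SAMPLE_REPLIES):
        print(line)
```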

Keywords


Babington Plot, computer applications, computer networks, Internet, MITM.


