.png)
There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users and a vulnerable server. It has been dubbed DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) by the group researchers who discovered it, and the stems from the fact that many servers out there still support SSLv2, the extremely old and insecure predecessor to TLS. “In technical terms, … More →
from Help Net Security http://ift.tt/1OM4K1H
DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable
By ice41 | 9:22 AM
Leave a Comment
0 comments:
Post a Comment