DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog

 

A “new” and important vulnerability has been discovered that affects HTTPS and other services that rely on SSL/TLS implementations. This flaw is in the SSLv2 protocol, and affects all implementations. Researchers refer to this attack as DROWN – short for “Decrypting RSA using Obsolete and Weakened eNcryption”. This attack allows attackers to read or steal information sent via the “secure” connection. No attacks in the wild are currently known.

Source: DROWN SSLv2 Vulnerability Rears Ugly Head, Puts One-Third of HTTPS Servers At Risk – TrendLabs Security Intelligence Blog


Posted

in

by

Tags:

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.