Category

tls

DROWN Attack (CVE-2016-0800), Turing Award and Leo’s Oscar

Hello, A new security vulnerability (“DROWN“: Decrypting RSA with Obsolete and Weakened eNcryption) affecting OpenSSL was disclosed yesterday which allows an attacker to decrypt secure TLS sessions and steal sensitive data such as passwords and credit cards information. All applications that rely on TLS protocol (like websites and email) are therefore affected. The vulnerability (id:...
Read More