HTTPS, SSL attack vector discovered; fix is on the way

Exploits:

News

font size: decrease font size increase font size
Rate this article
View Comments
Related content

A security flaw that has been identified in the Transport Layer Security (TLS) protocol could open the door for man-in-the-middle (MITM) attacks against HTTPS communication. All implementations are said to be vulnerable because the flaw is in the protocol itself. Security researchers are taking steps to resolve the problem. The flaw was originally found in August by researchers Marsh Ray and Steve Dispensa from security company PhoneFactor. They chose not to widely publicize the issue and began working in secret ...

companion photo for HTTPS, SSL attack vector discovered; fix is on the way

A security flaw that has been identified in the Transport Layer Security (TLS) protocol could open the door for man-in-the-middle (MITM) attacks against HTTPS communication. All implementations are said to be vulnerable because the flaw is in the protocol itself. Security researchers are taking steps to resolve the problem.

The flaw was originally found in August by researchers Marsh Ray and Steve Dispensa from security company PhoneFactor. They chose not to widely publicize the issue and began working in secret with other security experts and industry leaders to develop solutions. The flaw became known to the public this week when Martin Rex of SAP discovered it independently and posted a disclosure to the mailing list of the Internet Engineering Task Force.

Read Full Article

Written on Friday, 06 November 2009 06:33 by

Viewed 27 times so far.
Like this? Tweet it to your followers!

Published in Subscribe to the RSS feed of Network Security & Hacking News Network Security & Hacking News / Subscribe to the RSS feed of Latest Security News Latest Security News

Like this? Let your friends know now!

Rate this article

Latest articles from

Weekly Intelligence Summary: 2009 – 11 – 20 posted on Friday, 20 November 2009 09:10
Availability failures dominate risk developments this week. The regional blackout in Brazil at the end…
GCN: Locking down Windows with virtualization posted on Friday, 20 November 2009 15:55
GCN: Locking down Windows with virtualization
Net Security: Linux Kernel "nfs4_proc_lock()" Local Denial of Service posted on Friday, 20 November 2009 15:55
Net Security: Linux Kernel nfs4_proc_lock() Local Denial of Service
Physorg: 'Fingerprinting' RFID Tags - Researchers Develop Anti-Counterfeiting Technology "Engineering researchers at the University of Arkansas have developed a unique and robust method to prevent cloning of passive radio frequency identification tags" posted on Friday, 20 November 2009 15:55
Physorg: 'Fingerprinting' RFID Tags - Researchers Develop Anti-Counterfeiting Technology Engineering researchers at the University of…
SANS Forensics: Helix 3 Pro - First Impressions posted on Friday, 20 November 2009 15:55
SANS Forensics: Helix 3 Pro - First Impressions

Latest 'tweets' from GovernmentSecurity

News Update: Cyber war is coming, the impact could be huge: CBS News reports that cyber.. http://bit.ly/1tx1kr | #Security Link Monday, 09 November 2009 07:35
News Update: Tenable Network #Security Podcast - Episode 11: Welcome to the Tenable Netw.. http://bit.ly/2Iqd6G | Security Link Monday, 09 November 2009 07:35
News Update: Consent will be required for cookies in Europe: EDITORIAL: A law that dema.. http://bit.ly/3JYgip | #Security Link Monday, 09 November 2009 07:35
News Update: CBS 60 Minutes tackles cyber-terrorism: Could hackers get into the compute.. http://bit.ly/2d5Y21 | #Security Link Monday, 09 November 2009 07:35
Blog Update: We have launched the new GovernmentSecurity.org: We decided to launch th.. http://bit.ly/2G1SSF | #Security Link Saturday, 07 November 2009 17:38

blog comments powered by Disqus

back to top

Rate this article

Latest articles from

Latest 'tweets' from GovernmentSecurity

Site Search

Login Form

Disqus Tools