“There is no delight in owning anything unshared.”

Cyberattacks September (II) 2011 – Hackers break SSL encryption used by millions of sites

Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that’s passing between a webserver and an end-user browser.

Reported that SSL encryption used by millions of sites had been broken. The vulnerability resides in versions 1.0 and earlier of TLS, or transport layer security, the successor to the secure sockets layer technology that serves as the internet’s foundation of trust. Although versions 1.1 and 1.2 of TLS aren’t susceptible, they remain almost entirely unsupported in browsers and websites.

Analysis & Impacts:
All SSL Web sites that make use of version 1.0 or earlier version of TLS will be vulnerable to eavesdropping by hackers who are able to control the connection between the end user and the website he’s visiting.

More information on this newly discovered SSL vulnerability can be found in these links:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s