1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DROWN attack breaks TLS encryption, one-third of all HTTPS servers vulnerable

Discussion in 'Help Net Security' started by RSS, Mar 1, 2016.

  1. RSS

    RSS New Member Member

    There’s a new attack that breaks the communication encryption provided by SSL and TLS and can therefore lead to theft of extremely sensitive data exchanged between users and a vulnerable server. It has been dubbed DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) by the group researchers who discovered it, and the stems from the fact that many servers out there still support SSLv2, the extremely old and insecure predecessor to TLS. “In technical terms, … More →

    Continue reading...

Share This Page