Critical flaw in encryption has been in OpenSSL code for over 15 years

One of the critical vulnerabilities in OpenSSL has been gone undetected since December 1998. The vulnerability can be exploited by a man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The remaining four flaws patched today could be used for denial-of-service attacks, SANS Internet Storm Center classified two of the six newly patched vulnerabilities as critical, and warned that they may lead to arbitrary code execution”]

Source: https://www.csoonline.com/article/2360229/critical-flaw-in-encryption-has-been-in-openssl-code-for-over-15-years.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text