Double Security Whammy, No Patches: Killer SSL DDoS Attack, XML Encryption Broken

A German hacking group released a new SSL DDoS tool that can be successfully launched from a single laptop, a single DSL connection, to take down a server. Researchers in Germany found and exploited a flaw that breaks the W3C XML Encryption standard with a serious attack that works in all cases. Microsoft, IBM, Red Hat, Apache and other major XML framework providers will need to adopt a new standard. The THC-SSL-DOS attack tool “does not require any bandwidth and just a single attack computer””]

Source: https://www.csoonline.com/article/2220944/double-security-whammy-no-patches-killer-ssl-ddos-attack-xml-encryption-broken.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text