Get a Pentest and security assessment of your IT network.

News

Musings on Information Security and Data Privacy: The BEAST summary

Juliano Rizzo and Thai Duong presented a Proof of Concept of an attack against TLS 1.0. The attack is first documented in 2001 and discussed in papers in 2005 and 2006. Attacks were documented, some countermeasures implemented in some SSL stacks, but deemed impractical and forgotten. The publication by Juliano and Thai should create the necessary incentive for Vendors to implement and use TLS1.1 and/or TLS 12. The Phone Factor (the guys behind the TLS session renegotiation vulnerability) propose prioritizing RC4 over AES or DES as a short term mitigation.”]

Source: https://blog.zoller.lu/2011/09/beast-summary-tls-cbc-countermeasures.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Thousands of Magento websites compromised to serve malware

News

Office 365 Secure Score: An Introduction