Anil Kurmus reports that he was able to steal a Twitter password by using a man-in-the-middle attack. Until now it had been assumed that the problem was largely theoretical and would be made manifest only in very limited scenarios. The design weakness can be exploited by attackers to inject content into secure connections. The vulnerability in the design of the SSL/TLS protocol revealed earlier this month can apparently be used to carry out attacks in practice. Read the full article in The H Security.
Source: https://threatpost.com/ssl-flaw-opens-twitter-mitm-attack-111609/73103/