Hello Guest, welcome to torrentinvites.org - Your #1 source for Torrent Invites!
CLICK HERE to register for free and gain full access to TI.org!
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
3Likes
-
3
Post By Insideman
-
Another OpenSSL Vulnerability Left Encrypted Data Exposed For 10 Years
It’s been just a few months since the Heartbleed OpenSSL security flaw was discovered, and we’re now learning about a newly-discovered hole in the widely-used security protocol. The good news is that there’s a fix. The bad news is that the vulnerability has existed for a decade, and we’ll never know how much it was exploited.
Wired reports that the OpenSSL Foundation, the non-profit that keeps a watchful eye over the security protocol, just published an advisory warning about a decade-old bug discovered by Japanese security researcher Masashi Kikuchi. Dubbed the CCS Injection Vulnerability, the bug allows attackers who are eavesdropping on a network to nab encrypted data during the “handshake” that establishes secure connections. During the handshake, the attacker can decrypt the data whilst forcing the servers to use weak encryption keys.
Luckily, there’s a fix for the bug published by Kikuchi’s employer Lepidum, but because the attack leaves no trace, we’ll never know how many times the it was exploited, if at all.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules