Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Old Crypto Vulnerability Hits Major Tech Firms

wiredmikey writes: A team of Researchers has revived an old Crypto Vulnerability and determined that it affects the products of several major vendors and a significant number of the world's top websites. The attack/exploit method against a Transport Layer Security (TLS) vulnerability now has a name, a logo and a website. It has been dubbed ROBOT (Return Of Bleichenbacher's Oracle Threat) and, as the name suggests, it's related to an attack method discovered by Daniel Bleichenbacher back in 1998. ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. While proof-of-concept (PoC) code will only be made available after affected organizations have had a chance to patch their systems, the researchers have published some additional details. Researchers have made available an online tool that can be used to test public HTTPS servers. An analysis showed that at least 27 of the top 100 Alexa websites, including Facebook and PayPal, were affected.

Read more of this story at Slashdot.



This post first appeared on Werbung Austria - Slashdot, please read the originial post: here

Share the post

Old Crypto Vulnerability Hits Major Tech Firms

×

Subscribe to Werbung Austria - Slashdot

Get updates delivered right to your inbox!

Thank you for your subscription

×