Skip to content

Gotham Security Daily Threat Alerts

by on March 16, 2016

March 11, SecurityWeek – (International) DROWN vulnerability still unpatched by most cloud services. A team of researchers released a report stating that the severe vulnerability, Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) affecting many cloud services, was not patched after security researchers found the attack affects Hypertext Transfer Protocol Secure (HTTPS) and other services that rely on Secure Sockets Layer (SSL) and Transport Layer Security (TLS). The vulnerability allows attackers the ability to compromise an encrypted session even if the session is encrypted with a more secure TLS protocol. Source

From → Security

Comments are closed.

%d bloggers like this: