• New HTTPS Hijack attack

    /* Deb Shinder*/ /*">Deb Shinder*/ /*Deb Shinder*/ Posted On September 6, 2012
    0
    35 Views


    A pair of security researchers have developed a new attack that exploits a weakness in the SSL/TLS encryption standard, which leaks information about encrypted sessions that can be used by attackers to hijack HTTPS sessions. These are the same guys who developed the BEAST tool  (Browser Exploit Against SSL/TLS) which targeted a problem with AES. They say it works similarly to BEAST but the known defense against BEAST won't work against this attack. Read more here:

    http://threatpost.com.mx/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512

    Post Views: 35


    Home » Blog Archive » WS Blogs » Debra Shinder WS Blog » New HTTPS Hijack attack

    Author

    Deb Shinder

    Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.




    Leave A Reply

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    • Featured Product

    • Join Our Newsletter

      Learn about the latest security threats, system optimization tricks, and the hottest new technologies in the industry.

      Over 1,000,000 fellow IT Pros are already on-board, don't be left out!

    • Latest Podcast

    • Featured Freeware

    • Follow Us


    You are reading
    New HTTPS Hijack attack
    Share No Comment