Cloud Services Still Vulnerable

By /

DROWN, the latest in a series of SSL/TLS-related security vulnerabilities that was revealed a week ago, can be exploited to intercept, decrypt,  access and modify encrypted data even when it’s sent via TLS (the newer and more secure version of SSL) if there is a server with SSL v2 enabled that uses the same private key. 

Updates were released to address the vulnerability in OpenSSL, but a scan of servers conducted this week showed that most of the cloud services that are affected by this vulnerablity still had not fixed the problem. Ouch. 

Read more here:
http://www.securityweek.com/drown-vulnerability-still-unpatched-most-cloud-services 

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Static vs Dynamic IP Address

Static vs Dynamic IP Address

Most people are familiar with Internet Protocol (IP) Addresses, but many people don’t know you have 2 types. In this article, you’ll learn about static…

Read More »

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top