Breaking News

Lexar Launches the NM990 PCIe 5.0 SSD DJI Agras T100, T70P and T25P Launches Globally Sony Introduces the RX1R III Razer Introduces Next-Generation Connectivity and Performance with New Thunderbolt 5 Dock and Core X V2 Transcend's New ESD420 Portable SSD Offers MagSafe Compatibility and Pro-Level Performance

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

FREAK Vulnerability Appears In CERT Advisory

FREAK Vulnerability Appears In CERT Advisory

Enterprise & IT Mar 7,2015 0

The Factoring Attack on RSA-EXPORT Keys (FREAK) vulnerability of some SSL/TLS implementations has made headlines lately and has been listed in an official vulnerability note by CERT. Some implementations of SSL/TLS accept export-grade (512-bit or smaller) RSA keys even when not specifically requesting export grade ciphers. An attacker able to act as a Man-in-The-Middle (MiTM) could factor weak temporary RSA keys, obtain session keys, and decrypt SSL/TLS traffic. This issue has been dubbed the FREAK attack.

Products released by Apple, Google, Microsoft, OpenSSL, Opera and Blackberry are vulnerable, according to CERT.

Apple and Microsoft have confirmed the issue and are currently working on patches to address this issue.

In its advisory, CERT advises affected users to check with the software vendor and update as soon as possible. Users should also configure their server and client applications not to use export grade ciphers (EC).

Tags: Security
Previous Post
Google To Bring Android Into VR
Next Post
Three People Charged with One of the Largest Reported Data Breaches in U.S. History

Related Posts

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • Samsung Develops New Security Chip For Mobile Devices

  • Samsung Says Your Galaxy S20’s Secure Processor Protects it Against Hardware Attacks

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

  • RSA 2020: Intel Announces Compute Lifecycle Assurance Momentum, Previews New Security Capabilities

  • Samsung Introduces Data Security Chip Solution for Mobile Devices

  • Google Adds New Security Measures for Nest Accounts

Latest News

Lexar Launches the NM990 PCIe 5.0 SSD
PC components

Lexar Launches the NM990 PCIe 5.0 SSD

DJI Agras T100, T70P and T25P Launches Globally
Drones

DJI Agras T100, T70P and T25P Launches Globally

Sony Introduces the RX1R III
Cameras

Sony Introduces the RX1R III

Razer Introduces Next-Generation Connectivity and Performance with New Thunderbolt 5 Dock and Core X V2
Gaming

Razer Introduces Next-Generation Connectivity and Performance with New Thunderbolt 5 Dock and Core X V2

Transcend's New ESD420 Portable SSD Offers MagSafe Compatibility and Pro-Level Performance
PC components

Transcend's New ESD420 Portable SSD Offers MagSafe Compatibility and Pro-Level Performance

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Crucial T705 2TB NVME White

Crucial T705 2TB NVME White

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed