Breaking News

ASRock Releases AM5 Motherboard BIOS Update EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA MSI Unveils MAG 272QP QD-OLED X50 Monitor Sony completes its INZONE gaming gear range with new headsets and more

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

FREAK Vulnerability Appears In CERT Advisory

FREAK Vulnerability Appears In CERT Advisory

Enterprise & IT Mar 7,2015 0

The Factoring Attack on RSA-EXPORT Keys (FREAK) vulnerability of some SSL/TLS implementations has made headlines lately and has been listed in an official vulnerability note by CERT. Some implementations of SSL/TLS accept export-grade (512-bit or smaller) RSA keys even when not specifically requesting export grade ciphers. An attacker able to act as a Man-in-The-Middle (MiTM) could factor weak temporary RSA keys, obtain session keys, and decrypt SSL/TLS traffic. This issue has been dubbed the FREAK attack.

Products released by Apple, Google, Microsoft, OpenSSL, Opera and Blackberry are vulnerable, according to CERT.

Apple and Microsoft have confirmed the issue and are currently working on patches to address this issue.

In its advisory, CERT advises affected users to check with the software vendor and update as soon as possible. Users should also configure their server and client applications not to use export grade ciphers (EC).

Tags: Security
Previous Post
Google To Bring Android Into VR
Next Post
Three People Charged with One of the Largest Reported Data Breaches in U.S. History

Related Posts

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • Samsung Develops New Security Chip For Mobile Devices

  • Samsung Says Your Galaxy S20’s Secure Processor Protects it Against Hardware Attacks

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

  • RSA 2020: Intel Announces Compute Lifecycle Assurance Momentum, Previews New Security Capabilities

  • Samsung Introduces Data Security Chip Solution for Mobile Devices

  • Google Adds New Security Measures for Nest Accounts

Latest News

ASRock Releases AM5 Motherboard BIOS Update
PC components

ASRock Releases AM5 Motherboard BIOS Update

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point
Enterprise & IT

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA
Drones

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA

MSI Unveils MAG 272QP QD-OLED X50 Monitor
Consumer Electronics

MSI Unveils MAG 272QP QD-OLED X50 Monitor

Sony completes its INZONE gaming gear range with new headsets and more
Consumer Electronics

Sony completes its INZONE gaming gear range with new headsets and more

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed