Breaking News

Samsung’s One UI 8 Expands to More Galaxy Devices ASUS Unveils ProArt Displays, PC Solutions, and More at IBC 2025 GIGABYTE AI-Powered X870E AORUS X3D Motherboards Redefining Performance and Innovation Sony Reimagines its 10 Series with Xperia 10 VII MSI Unveils MPG Infinite Z3 X3D Gaming Desktop

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

FREAK Vulnerability Appears In CERT Advisory

FREAK Vulnerability Appears In CERT Advisory

Enterprise & IT Mar 7,2015 0

The Factoring Attack on RSA-EXPORT Keys (FREAK) vulnerability of some SSL/TLS implementations has made headlines lately and has been listed in an official vulnerability note by CERT. Some implementations of SSL/TLS accept export-grade (512-bit or smaller) RSA keys even when not specifically requesting export grade ciphers. An attacker able to act as a Man-in-The-Middle (MiTM) could factor weak temporary RSA keys, obtain session keys, and decrypt SSL/TLS traffic. This issue has been dubbed the FREAK attack.

Products released by Apple, Google, Microsoft, OpenSSL, Opera and Blackberry are vulnerable, according to CERT.

Apple and Microsoft have confirmed the issue and are currently working on patches to address this issue.

In its advisory, CERT advises affected users to check with the software vendor and update as soon as possible. Users should also configure their server and client applications not to use export grade ciphers (EC).

Tags: Security
Previous Post
Google To Bring Android Into VR
Next Post
Three People Charged with One of the Largest Reported Data Breaches in U.S. History

Related Posts

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • Samsung Develops New Security Chip For Mobile Devices

  • Samsung Says Your Galaxy S20’s Secure Processor Protects it Against Hardware Attacks

  • SK Telecom and Samsung Unveil the First QRNG-Powered 5G Smartphone

  • AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

  • RSA 2020: Intel Announces Compute Lifecycle Assurance Momentum, Previews New Security Capabilities

  • Samsung Introduces Data Security Chip Solution for Mobile Devices

  • Google Adds New Security Measures for Nest Accounts

Latest News

Samsung’s One UI 8 Expands to More Galaxy Devices
Smartphones

Samsung’s One UI 8 Expands to More Galaxy Devices

ASUS Unveils ProArt Displays, PC Solutions, and More at IBC 2025
Enterprise & IT

ASUS Unveils ProArt Displays, PC Solutions, and More at IBC 2025

GIGABYTE AI-Powered X870E AORUS X3D Motherboards Redefining Performance and Innovation
PC components

GIGABYTE AI-Powered X870E AORUS X3D Motherboards Redefining Performance and Innovation

Sony Reimagines its 10 Series with Xperia 10 VII
Smartphones

Sony Reimagines its 10 Series with Xperia 10 VII

MSI Unveils MPG Infinite Z3 X3D Gaming Desktop
Gaming

MSI Unveils MPG Infinite Z3 X3D Gaming Desktop

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Akaso 360 Action camera

Akaso 360 Action camera

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed