What's new

DROWN Vulnerability

chris

Top Contributor
A new security vulnerability called DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) recently announced:

DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security.

You can test your systems and get more info here:

https://drownattack.com/
 

chris

Top Contributor
Sounds like another heartbleed type headache....thanks for sharing Chris, I will run a couple of my sites through this

For sure!

Vulnerable at Disclosure (March 1)
HTTPS — Top one million domains 25%
HTTPS — All browser-trusted sites 22%
HTTPS — All sites 33%

It's also an interesting take on modern marketing. Researchers now realise that they need to brand and market these critical vulnerabilities to get mass awareness, and it works! Mainstream media are much more likely to pick up the story, just like Heartbleed and Poodle.
 

Community sponsors

Members online

No members online now.

Forum statistics

Threads
11,048
Messages
92,225
Members
2,209
Latest member
lovegroves1

Industry and community links

Top