Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : SSL

More SSL Mess - Logjam

Posted: 21 May 2015 03:18 AM | Tamas Rudnai


More SSL Mess - Logjam

Can we get through a quarter without a major high profile SSL vulnerability? OpenSSL regularly patches high severity issues, however only certain vulnerabilities catch the media’s fancy. Logjam adds to the list of recently discovered high profile SSL vulnerabilities, which include Heartbleed, Poodle and FREAK to name a few. With an estimated 8.4 percent of the Top 1 million domains affected at the time of publication of this blog, this vulnerability poses a significant risk to the internet ecosystem much the same way its predecessors have and still do.

...

Read more > 

Filed under: , , , , , ,

no comments

SSL - a FREAKishly long existence

Posted: 04 Mar 2015 02:00 AM | Tamas Rudnai


SSL, widely adopted and living on borrowed time, has clearly had a rough year. After Heartbleed, Poodle, and many other high-profile vulnerabilities comes FREAK (Factoring attack on RSA-EXPORT Keys), which at the time of publication of this blog breaks approximately 36% of all sites trusted by browsers as per this link including websites belonging to the NSA and FBI. About 12% of high ranked Alexa websites are also believed to be vulnerable to the flaw at this time, thereby placing visitors to these sites at high risk.

 

Exposure and Impact

 

The vulnerability, discovered by Karthikeyan Bhargavan at INRIA in Paris and the mitLS team allows an active attacker to perform a man-in-the-middle attack by downgrading the encrypted connection between a vulnerable client and a server that accepts export-grade RSA keys to 512-bits. The captured key can then be factored using the public cloud in a matter of hours and further be used for decryption of communication between the client and the server. Once the key has been compromised, all personal information including passwords, financial data, etc. is at risk.

...

Read more > 

Filed under: , , ,

no comments

APT1: A Prevention Perspective

Posted: 20 Feb 2013 07:01 PM | Charles Renert


There's been increased interest in targeted attacks and advanced persistent threats in the news lately, from the intrusions on large media outlets and hacks on social networking sites to a recent detailed report of the tactics behind the infiltration of a sophisticated attack family dubbed "APT1"...

Read more > 

Filed under: , , , , , ,

no comments