Home Security

Security

Short News: OpenSSL…”FREAK” attack

And once again an OpenSSL vulnerability has been disclosed. It was disclosed by Karthikeyan Bhargavan and the mitLS team. As every vulnerability needs a fancy name these days, this one is called FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be […]

Critical OpenSSL update is live!

Another Flash 0-Day: CVE-2015-0313

Looks like we can’t have two weeks without a flash 0-Day. Today, Feb 2nd, Adobe released another security advisory revealing CVE-2015-0313.  Adobe says that they’re aware of this Flash exploit being actively abused (they’re probably referring to the TendMicro blogpost). Successful exploitation could cause a crash and potentially allow an attacker to take control of […]

March 19: OpenSSL update