Quick Links
News


< Back

Security : Cyber Attacks :   :  

We Have A New Man In The Middle




Jonathan Sander
Strategy & Research Officer
STEALTHbits Technologies

With new details emerging on a severe new OpenSSL vulnerability, Jonathan Sander, Strategy & Research Officer for STEALTHbits Technologies said, “From the same piece of code that brought us Heartbleed, we have a new ‘man in the middle’ (MITM) attack recently published. Since this flaw is in the technology doing the encrypting to protect you, it’s like a bad guy getting your keymaker to pick your locks.

OpenSSL is vulnerable to this MITM attack only if both sides of the conversation are broken in the same way. A man in the middle attack is like a phone tap; someone breaks into the line you’re using to communicate and is able to get all the information going back and forth. The encryption OpenSSL is supposed to grant you is meant to protect you from that, but when the encryption is broken the protection is gone.

This will not be as wide spread as Heartbleed since it requires two points to be broken and it’s a much more complicated attack. But this should serve as more evidence that organization need to take deep security audits seriously so they know how they are being protected – or not being protected – by the technology they have in place.”
 
Details:  https://www.openssl.org/news/secadv_20140605.txt

For more information go to www.stealthbits.com








Advertise your product/service here!
About Us Editorial

© 2019 Simplex Knowledge Company. All Rights Reserved.   |   TERMS OF USE  |   PRIVACY POLICY