“DROWN” Security Vulnerability

IT Security Vulnerability – “DROWN”

Another website vulnerability has come to light, called the Drown attack.

It is a hacking technique that makes even (Supposedly secure) https:// websites vulnerable. Researchers in the US, Germany and Israel believe that one third of websites using the HTTPS protocol are vulnerable.

This means hackers can obtain passwords, credit card information, emails and sensitive documents. Therefore financial institutions and online retailers should pay particular attention to this latest threat.

The current recommendation is that Administrators of vulnerable servers and websites need to take action. There is nothing practical that browsers or end-users can do on their own to protect against this attack.

If you want to know if a website is vulnerable before you use it, you can do so with this free testing tool. Should you have any further concerns you should contact your network and website administrators to determine the actions to take to protect against the threat.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s