14 September 2015   
RISE Security Experts discover security issue in TLS

esse_tls_iconESSE, the security team of RISE GmbH, discovered a new critical vulnerability in the ageing TLS (Transport Layer Security) protocol. The vulnerability has been presented at an international IT Security conference. TLS, which is better known as HTTPS (when paired with HTTP), and also known as SSL (Secure Socket Layer), is one of the most important and most used security protocols on the Internet. For example, TLS is widely and worldwide employed by e-banking systems.

The newly discovered weakness allows to open supposedly securely encrypted TLS communication to full-blown Man-in-the-Middle (MitM) attacks: The attack allows hackers to eavesdrop on private communication data and even modify sensitive data arbitrarily while in transit. The work of the security researchers of RISE GmbH closed a crucial security vulnerability. By making the technical details of the attack public, RISE GmbH helps to ensure that the weakness will not resurface in new systems. Among others, Apple’s own TLS library was affected. This allowed an attacker to compromise connections from Apple’s MAC OS X devices to sites such as Facebook. This backdoor has been closed! Facebook has appreciated our efforts with a bug bounty -- a global award.

More information and technical details https://kcitls.org/.

lock
 

Your are currently browsing this site with Internet Explorer 6 (IE6).

Your current web browser must be updated to version 7 of Internet Explorer (IE7) to take advantage of all of template's capabilities.

Why should I upgrade to Internet Explorer 7? Microsoft has redesigned Internet Explorer from the ground up, with better security, new capabilities, and a whole new interface. Many changes resulted from the feedback of millions of users who tested prerelease versions of the new browser. The most compelling reason to upgrade is the improved security. The Internet of today is not the Internet of five years ago. There are dangers that simply didn't exist back in 2001, when Internet Explorer 6 was released to the world. Internet Explorer 7 makes surfing the web fundamentally safer by offering greater protection against viruses, spyware, and other online risks.

Get free downloads for Internet Explorer 7, including recommended updates as they become available. To download Internet Explorer 7 in the language of your choice, please visit the Internet Explorer 7 worldwide page.