TLS renegotiation attacks: 24 of the 100 top HTTPS Sites Safe - Global Quality Journal

« Rackspace Survey: 51% Made Mistakes in Capacity Planning | Main | EBay’s Weekend Crash May Have Cost Merchants 80% of Revenue »

11/25/2009

TLS renegotiation attacks: 24 of the 100 top HTTPS Sites Safe

Netcraft:

24 of the 100 most popular HTTPS websites appear to be safe from the recently documented TLS renegotiation flaws. Meanwhile, the other 76 sites are still vulnerable to renegotiation attacks, which allow a man-in-the-middle attacker to inject data into secure communication streams. To demonstrate the seriousness of the issue, Anil Kurmus published details of an attack scenario that showed how the flaw could be used to steal passwords from vulnerable sites such as Twitter.
Among the top 100 HTTPS websites, there are several banks and commerce companies that remain vulnerable. [more]

posted by: gqpartner

Posted at 07:58 PM | Permalink

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.

Sponsored by:

Global Quality Partners, LLC.

Sign Up for Newsletter

Search GQJournal

WWW
www.gqjournal.com

Sidebar

About Global Quality Journal Blog

February 2015

Recent Posts

GQJ Blogroll

Archives

Recent Comments

Categories

Subscribe to this blog's feed