Tag: DROWN

Michelle Drolet

How security researchers and programmers hunt software bugs for cash rewards The business of bug hunting is a potentially lucrative one for both seasoned security researchers and amateurs with an interest in hacking. It’s an area that’s gaining legitimacy thanks to official bug bounty programs and hacking contests, but there’s still a seedy underbelly that

Michelle Drolet

Complacency in addressing known vulnerabilities puts users at risk If you have even a passing interest in security vulnerabilities, there’s no chance that you missed the news about the DROWN vulnerability. It’s one of the biggest vulnerabilities to hit since Heartbleed, potentially impacting a third of all HTTPS websites. By exploiting the obsolete SSLv2 protocol,

Michelle Drolet

Security researchers reveal new technique to break TLS using SSLv2 server. The war to close down security vulnerabilities is never-ending, but the new “DROWN” vulnerability is one of the biggest to rear its ugly head in recent months. A group of security researchers from a number of different universities and research institutes just unveiled this