The DROWN attack

The DROWN attack (Decrypting RSA with Obsolete and Weakened eNcryption) makes it possible for an attacker to decrypt previously recorded TLS encrypted connections and then to obtain sensitive information in these communications. By sending a large number of specially prepared handshake messages to a server supporting SSLv2, attackers can obtain ... Read More »

7th Mar 2016