Give a tip


  • Posts

  • Joined

  • Last visited

 Content Type 



Release Notes

Bug Tracker

Help page

Help page-CN

Release Note5

Rules and recruitment

Release Note6

Everything posted by KelvinSmith

  1. Dinataspace replied at 2015-3-16 19:11 On this March, there is a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker ... Yeah. The FREAK Attack is latest in cyber vulnerability. After DDoS that lead to Internet slowdown globally, enterprises are under constant strain. Therefore, it becomes important for us to know about FREAK and adopt ways to safeguarding ourselves.
  2. Unfortunately, a lot of services and servers depend on SSL, not just HTTPS sites. Like: mail servers, SSH, and other business applications use custom port depend on SSL, and they all need to be updates to stop supporting SSLv3. All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle on Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.