|21 Aug 2011||#1|
| || |
Improper SSL Implementations Leave Websites Wide Open to Attack
Improper configuration is rendering SSL nearly useless as organizations are transmitting sensitive information online without any security.
Security researchers are buzzing about the flaws in the Secure Sockets Layer system and the fact that a significant portion of the Internet is vulnerable to attack. At the recent Black Hat security conference in Las Vegas, there were several reports and panels addressing various issues.
Based on the PKI (public key infrastructure), the SSL protocol has grown "organically" to become nearly ubiquitous within the world's largest organizations to keep Internet communications secure, Jeff Hudson, CEO of Venafi, told eWEEK.
However, less than a fifth of Websites claiming to have SSL deployed correctly redirect traffic, according to a report released by Qualys at Black Hat. Of the nearly 250,000 sites with SSL turned on that were surveyed, only 51,000 were properly redirecting to SSL for authentication, according to the report from the Qualys community project, SSL Labs. The remaining 80 percent of the sites may or may not redirect to SSL, making them vulnerable to a man-in-the middle attack from Firesheep and other tools.
|My System Specs|
|Similar help and support threads for2: Improper SSL Implementations Leave Websites Wide Open to Attack|
|Common security flaws leave applications open to amateur hackers||Security News|
|some programs leave open window on boot||Installation & Setup|
|Attack Toolkits and Malicious Websites||Security News|
|Thousands of Recently Compromised Websites Waiting to Attack||News|
|Certain websites never open||Network & Sharing|
|How to make open programs on taskbar display wide?||Customization|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 08:39 PM.