April 2013 Issue

Threat of the month

Threat of the month: Universal Plug and Play vulnerabilities

Subscribe
Archive

Subscribe	Advertising

Archive	Login \| Register

House Intelligence Committee OKs amended CISPA

Poll results: Is the cyber security executive order good enough?

LIVE NOW: Mobile security eSymposium

SC Editions

Angela Moscaritolo

November 16, 2009

SSL bug used on Twitter

Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol Secure Sockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM

Next Article in News

New Verizon Wireless-themed Zeus campaign hits

Sign up to our newsletters

SC Magazine Articles

More in News

House Intelligence Committee OKs amended version of controversial ...

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help ...

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.