Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol SecureSockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM
The Secure Socket Layer (SSL) protocol is under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.
Encrypted Secure Socket Layer (SSL) communications between internal corporate employees and external internet applications is "invisible" to companies and so comprises a "risk to the enterprise," new research has claimed.