New Critical Encryption Bug Affects Thousands of Sites
A new and critical vulnerability uncovered by security researchers would allow an attacker to intercept and decrypt secured communications exchanged between users and thousands of web sites and mail servers worldwide.
The vulnerability, dubbed “Logjam,” affects what’s known as the Transport Layer Security protocol that web sites, VPN servers and mail servers use to encrypt traffic. It would allow an attacker sitting between a user and a vulnerable server to lower that encryption to a level more easily cracked. The researchers, an international group composed of academics and non-academics in France and the U.S., found the flaw affects at least 8.4 percent of the top one million web domains, about the same number of mail servers, and every modern web browser.
To conduct an attack, an adversary would need to be on the same network as the user—such as a WiFi network.
The vulnerability, which follows in the wake of other serious infrastructure vulnerabilities like Heartbleed and FREAK, has existed since the 1990s but was only recently uncovered. According to the researchers, the flaw easily could have been used by the NSA to crack secured VPN connections.
“A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break,” the researchers write in a blog post about the flaw.