HTTPS Articles

HTTPS pages face new risk, sensitive data stolen

  • 06/08/2016 at 17:49 by It's a Gadget Staff
  • News

Security KeyBad news! HTTPS, which has been touted as being more secure than the older HTTP, has now become a less so. An attack that steals sensitive information, such as social security numbers and email addresses, has been announced.

This is not the first time a leak has been discovered in HTTP coding. In fact, it isn’t the first time this particular exploit, HEIST, has been seen. But it has been once more proven as a threat by researchers who have warned major tech companies of the ability to continue exploiting it.

+Continue Reading

Logjam Attack Affects Large Number of Websites

  • 21/05/2015 at 08:02 by It's a Gadget Staff
  • News

Security KeyA new attack vulnerability has been found that has ten of thousands of HTTPS-protect websites, mail servers and other internet services open to eavesdropping. There are 8.4% of the top million websites open to this vulnerability and more mail services using the IPv4 address space. The issue is found in the Diffie-Hellman key exchange, and the attack called Logjam. Mail servers that use simple mail transfer protocol with StartTLS, secure POP3 and IMAP are vulnerable in 14.8 percent, 8.9 percent and 8.4 percent.

The Diffie-Hellman key exchange was designed for users who have no contact with each other can send encrypted information to each other. A shared key is agreed upon using the Diffie-Hellman key exchange for allowing Internet protocols on a negotiated secure connection. HTTPS, SSH, IPsec, SMTPS and other protocols that need TLS require the Diffie-Hellman key exchange.

+Continue Reading