OpenSSL Secured Websites Vulnerable to DROWN

A group of international academic researchers have discovered a vulnerability in OpenSSL security that has the potential to affect as many as 11.5 million servers. The hole in this security protocol allows Secure Sockets Layer (SSLv2) an outdated security protocol, to be used to attack modern websites. The attack that exploits this vulnerability has been titled DROWN (Decrypting RSA with Obsolete and Weakened eNcryption - CVE-2016-0800), and it is estimated to...

Read More