Zero-day flaw found in Web encryption

Flaw is found in the Transport Layer Security and Secure Sockets Layer protocols, which have typically been used online retailers and banks to provide security for Web transactions.

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt Web pages, has been made public.

Security researchers Marsh Ray and Steve Dispensa unveiled the TLS (Transport Layer Security) flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its predecessor, SSL (Secure Sockets Layer), are typically used by online retailers and banks to provide security for Web transactions.

Ray, who works with Dispensa at two-factor authentication company PhoneFactor, explained in a blog post this week that he had initially discovered the flaw in August and demonstrated a working exploit to Dispensa at the beginning of September.

Read more of "Zero-day flaw found in web encryption" at ZDNet UK.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Google unveils a new logo

A new Google logo steals attention away from another Google announcement.

by Iyaz Akhtar