“There’s a critical vulnerability in some versions of the widely used OpenSSL code library that in some cases allows attackers to impersonate cryptographically protected websites, e-mail servers, and virtual private networks, according to an advisory issued early Thursday morning. The bug allows attackers to force vulnerable end-user applications into treating an invalid certificate as a legitimate transport layer security (TLS) or secure sockets layer (SSL) credential. As a result, adversaries with the ability to monitor a connection between the end user and trusted server could intercept or even modify data passing between them.”
Related posts:
Fed Chairman Shrinks as Balance Sheet Grows
Silk Road Update: Federal Prosecutors File Separate Forfeiture Complaint
Silver: I Won't Be Able to Stack High Enough!
Bitfury 400 GH/s Bitcoin Mining Rig Hits US Shores; $19,250 For August Delivery
Bankster Gets Away with Stabbing Cabby
Georgia: The New CIA-NATO Arab Terrorist Training Center
Marc Faber Buying Gold, But Won't Keep It In America
Europe's Political Response To Voters May Increase Violence
Mystery Sponsor Of Weapons And Money To Syrian Mercenary "Rebels" Revealed
In Fight Over Marijuana's Scheduling, Appeals Court Rules in Favor of DEA and Schedule I
TSA Still Awful After 17 Years
Shortodile Golddee: That's not backwardation
9/11 anti-sledding provision repealed in $1.15 trillion federal spending deal
Jason King of Sean's Outpost on Bitcoin and Charity
Grasshopper flies again, sets new altitude record