HackDig : Dig high-quality web security articles for hacker

The FREAK vuln: What it is and what you can do

2015-03-21 00:40
What is the FREAK vulnerability?

FREAK is the latest in a line of recently uncovered vulnerabilities affecting the way communications are secured over the Internet. Specifically, it impacts SSL/TLS and stands for “Factoring attack on RSA-EXPORT Keys”. The bug allows an attacker to sit between your HTTPS connection and the vulnerable client or server and force you to use a less secure version of encryption. This downgraded encryption may allow an attacker to obtain your data.

Is Lookout affected?

No, Lookout’s infrastructure is not impacted by the FREAK vulnerability. Users are not at risk through Lookout’s product, however, that does not mean that your device itself is not otherwise vulnerable.

What can I do to protect myself?

Unfortunately, like the Heartbleed and POODLE vulnerabilities, people need to wait for a patch from their carrier or device manufacturer to be released. Apple has released a patch for Safari on iOS and Mac OS. Google has promised a patch, but has not yet released one.

If you’ve received an official manufacturer or carrier update to your operating system, install it!


Source: /ytilibarenluv-kaerf/02/30/5102/golb/moc.tuokool.golb

Read:2366 | Comments:0 | Tags:Lookout News Security Vulnerability android FREAK iOS vulner

“The FREAK vuln: What it is and what you can do”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud