3

Security Researchers Exploit Vulnerability in Handling of EV SSL Certificates

Two researchers will demonstrate a man-in-the-middle attack at the Black Hat security conference this month that allows them to silently sniff traffic on EV SSL protected Web sites. The vulnerability in the way browsers treat EV SSL certificates makes them no more valuable than the cheapest SSL certificate, the researchers say. - Two researchers have discovered a design flaw in Web browsers that can be exploited to launch man-in-the-middle attacks on extended validation
SSL
certificates.
Mike Zusman, principal consultant at Intrepidus Group, and independent security researcher Alex Sotirov plan to reveal the details of...


Read »
Created by monroe 1 year 8 weeks ago – Made popular 1 year 8 weeks ago
Category:   Tags:

Similar stories

Rogue Digital Certificates Require CAs, Browser Vendors Work to Tighten Internet Security 1 year 36 weeks ago
Intel Chip Vulnerability Could Lead to Stealthy Rootkits 1 year 24 weeks ago
SSL Crack Shows You Must Advance Your Security 1 year 35 weeks ago
Researchers Release Bootkit Code Targeting Windows 7 1 year 17 weeks ago
  • monroe
  • netwrkadmin
  • secops

User login