This HTTPS vulnerability is the most dangerous online security threat ever. You will once again be forced to question whether the personal details you give out for online transactions are safe. This has been a topic of debate ever since online transactions were born. The reports also say that not even Apple Pay is safe. Your details are not as secure as you would like them to be. Not just online transactions; even if you are using the internet without making a purchase, your emails, credit card details, passwords, IM messages, usernames, everything can now be hacked.
Even today, many servers are still supporting SSLv2. Reason? Misconfiguration. SSLv2 being from the 90s is insecure and can be easily broken. So if your server supports SSLv2, you too are at an “HTTPS vulnerability” or “Drown vulnerability” risk. In case your server isn’t using this age old connection, but is sharing a private key with another server that supports SSLv2, then too your system may be harmed. Right now, a number of well-known, reputed publications have been affected by HTTPS vulnerability. You will be shocked to know their names. Here they are:
- EpochTimes.com, and many more
To check whether your system is affected by HTTPS vulnerability, the researchers have published a guide to help you out. Enter your IP address or domain on the site to check whether your server is vulnerable. Click here to check.
The researchers working on HTTPS vulnerability have said, “We have no reason to believe that Drown has been exploited in the wild prior to this disclosure. [But] since the details of the vulnerability are now public, attackers may start exploiting it at any time, and we recommend taking the countermeasures explained above as soon as possible.”
For more technology news, you can subscribe to our newsletter. If you are a social media junkie and would like to receive updates on your timeline, then you can also like us on Facebook or follow us on Twitter.