A lot of Android apps that have been downloaded 6.3 billion times from the Google Play store are still vulnerable to the FREAK bug. Research published Tuesday by the company shows just how vulnerable both Android and iOS apps still are to a FREAK attack.
FREAK is a cryptographic weakness that permits attackers to force data traveling between a vulnerable website or operating system to servers to use weak encryption protocols. If combined with a so-called man-in-the-middle attack, the data could theoretically be intercepted and cracked as the user is unwittingly using a lower level of encryption than believed.Read more
Computers running all supported releases of Microsoft Windows are vulnerable to FREAK, a decade-old encryption flaw that leaves device users vulnerable to having their electronic communications intercepted when visiting any of hundreds of thousands of websites.
The flaw was previously thought to be limited to Apple's Safari and Google's Android browsers. But Microsoft warned that the encryption protocols used in Windows were also vulnerable to the flaw. The FREAK flaw surfaced a few weeks ago when a group of researchers discovered they could force websites to use intentionally weakened encryption, which they were able to break within a few hours.Read more
Tech firms are rushing to fix a disastrous security flaw, stemming from the US government’s requirement of lower encryption standards, that for over a decade left millions of users visiting 'secured' websites exposed to potential attacks.
Experts have discovered a massive flaw that allows attackers to decrypt HTTPS-protected traffic passing between millions of websites and users of vulnerable devices, including Android and Apple smartphones and tablets. Researchers found that some websites that use SSL or TLS protocols, including government ones, are vulnerable and could be tricked into setting up a connection through weak encryption keys.Read more