Security News > 2016 > August > Proxy authentication flaw can be exploited to crack HTTPS protection (Help Net Security)

Mistakes made in the implementation of proxy authentication in a variety of operating systems and applications have resulted in security vulnerabilities that allow MitM attackers to effectively hijack HTTPS sessions, security researcher Jerry Decime has discovered. It has been confirmed that the flaw – dubbed FalseCONNECT – affects products by Apple, Microsoft, Opera and Oracle. Lenovo says that their products are not vulnerable, but other vendors who have been notified of the flaw’s existence are … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/LYcWsfeKWHg/