SSL BEAST
Short for Browser Exploit Against SSL/TLS, SSL Beast is an exploit first, revealed in late September 2011, that leverages weaknesses in cipher block chaining (CBC) to exploit the Secure Sockets Layer (SSL) protocol. The CBC vulnerability can enable man-in-the-middle (MITM) attacks against SSL in order to silently decrypt and obtain authentication tokens, providing hackers with access to the data passed between a Web server and the Web browser accessing the server.
While SSL BEAST attacks affect only the Transport Layer Security (TLS) 1.0 version of SSL and not later versions such as TLS 1.1 and 1.2, TLS 1.0 remains the overwhelmingly predominant version used by both Web servers and browsers. Following a Javascript-based demonstration of the SSL BEAST attack by researchers Juliano Rizzo and Thai Duong, developers of Google Chrome and other major Web browsers started taking steps to create workarounds for mitigating the risks of SSL BEAST attacks.
SSL BEAST |
-
1
Consumerization of IT
Consumerization of IT is a phrase used to describe the cycle of information technology (IT) emerging in the consumer market then spreading to...
-
2
ERP - Enterprise Resource Planning
Short for enterprise resource planning, ERP is business management software that allows an organization to use a system of integrated applications...
-
-
3
ecommerce remarketing
In email and online marketing, remarketing or ecommerce remarketing refers to the techniques, strategies and often the automated email...
-
4
Mobile Device Management - MDM
Mobile device management (MDM) is a type of security software used by an IT department to monitor, manage and secure employee's mobile devices...
-
5
search engines
Search engines are programs that search documents for specified keywords and returns a list of the documents where the keywords were found.
-
6
Wi-Fi
A popular wireless networking technology that provides high-speed Internet and network connections.
-
7
mobile operating system
The mobile operating system is the software platform on top of which other programs, called application programs, can run on mobile devices.
-
8
enterprise application
An enterprise application is the term used to describe applications -- or software -- that a business would use to assist the organization in...
-
9
open source
Generically, open source refers to a program in which the source code is available to the general public for use and/or modification from its...
-
10
URL
Abbreviation of Uniform Resource Locator, the global ...
-
11
RSA Secure ID
RSA SecurID ( “SecurID”) is a two-factor authentication technology that is used to protect network resources.
Connect with Webopedia
-
-
SOHO Business Solutions: Accounting and Finance Software
Five inexpensive – or free – software packages to help SOHO owners manage the accounting and finance aspects of their business.
