Mitigate Cyber

TLS 1.3 Vulnerability Discovered

Transport Layer Security version 1.3, which was finally approved for use in August of last year and hailed as ‘mak[ing] all secure internet connections faster and safer’ has been found to be vulnerable, allowing attackers to break the security offered and read private Internet traffic.

TLS is a vital part of the contemporary Internet ecosystem, providing encryption for everything from HTTPS Web traffic to email.

The vulnerability, published by researchers from a range of universities and security companies, relies on a combination of a downgrade attack (abusing TLS’ backwards-compatability to force a target to use TLS 1.2 instead), followed by a side-channel leak.

Having ‘tested nine fully patched implementations of various RSA-based security protocols’, the researchers found that ‘only…two could not be successfully attacked by our new techniques’.

The vulnerability is expected to be patched soon, and all enterprises and users are advised to update as soon as it is made available.


Latest Articles

HAPPY SECURE NEW YEAR: HERE’S The cyber security trends to watch out for in 2021

It’s fair to say a lot changed in 2020. It was an unprecedented year, full of uncertainty, both economically and politically. 2021 has started much the same, with anytime, anywhere, remote working patterns remaining prevalent in the business world.

We are now, more than ever, reliant on our technology. But with that reliance comes the need to ensure it’s safe and secure usage. Here are the key cyber security trends to watch out for this year.

Read More »
Scroll to Top