It looks like we just patched the Heartbleed bug, however there is another vulnerability with SLL named “LogJam” that shakes number of important internet protocols.
Researchers just found an internet vulnerability as of now termedas LogJam — and it is assumed to be influencing 8% of the world’s huge sites. What makes it so much critical, though, is that the flaw comes from the sort of technology most sites utilize to keep our own (users) data protected as it goes all over the web.
The vulnerability disturbs an algorithm named the “Diffie-Hellman key exchanges” that enables protocols like SSH, HTTPS, SMTPS, IPsec to exchange a shared key plus generate a private and fully secure connection.
Specialists from various organizations and universities found a number of vulnerabilities in the system and released a technical report, which features its errors in detail.
Cyber security specialists state that there is no sign many people have been effected by the vulnerability and believe it shakes a very little percentage of sites, most of the websites have already altered the HTML lines required to repair the vulnerability.
“LogJam” comes on the coattails of another vulnerability which was disclosed in last March name “FREAK”.
The bug was patched by Microsoft last week and also patches for other well-known web browsers should be issued very soon.
Founder of Spikes Security, Branden Spikes said, “It’s a good move for browsers to raise the bar on encryption key strength as computing power increases.”
Rapid7’s engineer, Tod Beardsley said, “The only two groups really in a position to take advantage of this vulnerability are criminals on coffee shop wifi networks and state actors who already control a huge chunk of the local Internet.”
A group of investigators from Microsoft and various US and French universities have explored the security of algorithm and discovered that:
- Nation-state hackers with sufficient means can execute precomputations on various 1024-bit and 768-bit prime TLS used by Diffie Hellman groups, enabling them to spy on most online networks, as “a few number of standardized or fixed groups are utilize by lots of VPN, SSH, and TLS servers.”
- They named this bug “LogJam,” and state that the bug affects all web browsers and numerous HTTPS sites and mailing servers.
As per what researchers said, “Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break.”
The well-known browsers are still in danger and open to the cyber-attacks, although The Giant (Google) has already started working to boost up the SSL condition in Google Chrome to 1024 bit.
Web servers which are still open to attack are warned to take an action on immediate basis to make sure they are secured.
Top/Featured Image: By Mark Rain / Flickr