Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Hundreds of cloud services potentially vulnerable to Logjam attacks

Hundreds of cloud services potentially vulnerable to Logjam attacks

2015/05/21

Securityweek - (International) Skyhigh's Service Intelligence Team found that 575 cloud services were potentially vulnerable to attacks following the discovery of the transport layer security (TLS) vulnerability dubbed Logjam which affects a number of cloud services. The vulnerability is caused as a result of the way the Diffie-Hellman (DHE) key exchange is deployed, and can be exploited by a man-in-the-middle (MitM) attacker to down grade TLS connections in order to gain access to the data. [ed.: see related post in the Optimal Security blog.]

Source: http://www.securityweek.com/hundreds-cloud-services-potentially-vulnerable-logjam-attacks-skyhigh

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:21