Researchers Develop New Attack on SSL

Researchers have developed a new attack on SSL 3.0 that enables them to decrypt client requests on the wire and hijack confidential sessions on https sites. The attack breaks the confidentiality model of the protocol and is the first known exploitation of a flaw in SSL. It has the potential to impact the security of transactions on millions of sites. It could also potentially impact SSL VPN and instant messaging clients.

Read more