Loading...

Session

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions | Sedulity Groups

The new attack has been given the name CRIME by the researchers. The CRIME attack is based on a weak spot in a special feature in TLS 1.0, but exactly which that feature is has not been revealed by the researchers. They will say that all versions of TLS/ SSL including TLS 1.2, on which the BEAST attack did not work are vulnerable.