It looks like there is a newly discovered hack attack which could actually make short work of servers that rely on HTTPS protection, which means many popular websites would be vulnerable to the latest Drown attacks. Basically, all website managers should be concerned that they could be exposed to eavesdroppers, as researchers found a new method of disabling encryption protections on websites.
Just how widespread could this attack be? Experts claim that approximately 33% of all computer servers that rely on the HTTPS protocol happen to be vulnerable to these Drown attacks. In other words, essential and important information such as passwords, credit card numbers, emails and sensitive documents might end up stolen, and thankfully, a fix is already in place, although it will take a fair amount of time before website administrators do the necessary to ensure that their systems are protected.
We are also grateful that the researchers have not rolled out the code used in order to prove their theory, as the risk far outweighs the availability of such knowledge. Right now, no evidence stands in favor of hackers that have figured out this technique, but you know what they say – better safe than sorry. Looks like a whole lot of stuff, including $35,000 police drones, are getting hacked these days.