In Thursday, Internet security researcher Lewis Grangia (Luis Grangeia) said the Heartbleed loophole had been publicly available for 7 weeks, but its destructive power still remains, Sina science and technology news Beijing time May 30 evening. Grangia said he recently discovered a new Heartbleed loophole, known as Cupid. Cupid's attack steps are exactly the same as Heartbleed, but instead of using the open web, WiFi. Theoretically, the flaw allows hackers to intercept communications between Android devices and WiFi routers. We already know that the Android 4.1.1 device suffers Heartbleed impact, but Grangia says iOS and OS X devices could also be attacked by Cupid. It is not clear how many devices are affected by this, but the impact will be greater than Heartbleed, the most vulnerable of which is an EAP based router. The Heartbleed vulnerability was discovered last month, which exists in the cryptographic protocol OpenSSL, the most serious security vulnerability OpenSSL this year. Using this vulnerability, hackers can real-time access to nearly 1/3 of the world's HTTPS beginning of the user login account password, the scope of a large number of online banking, shopping websites and e-mail. It is reported that tens of thousands of network servers may be affected by this vulnerability. In addition, the vulnerability has existed for about two years. (Li Ming)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
