If you are running Linux kernel 3.6 or newer, anyone in the world on a network that allows IP spoofing can hijack your encrypted communications in less than a minute, with a success rate of 90%.
Here is how to fix it.
Still using Kerberos Authentication? Now You Have a Reason to Stop: It Does NOT Keep Your Business Safe
Kerberos, an ancient network authentication protocol from the 1980s that is commonly used to this day, can get you into some serious trouble.
The Kerberos setup used by your organization may not be all it’s cracked up to be.
DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!
A recently discovered security vulnerability in OpenSSL allows a long-deprecated protocol, SSL v2 (Secure Sockets Layer) to be misused in attacks at modern websites. The new attack has been, perhaps fittingly, dubbed DROWN, an acronym for Decrypting RSA with Obsolete and Weakened eNcryption. Cyber security analysts believe it might shut down–or shall we say drown, more than one third of all HTTPS servers. Is yours one of them?