Attack Allegedly Compromises Encrypted Sites Via JavaScript

Doug Isenberg

Security researchers at KU Leuven have discovered an attack technique, HEIST (HTTP Encrypted Information can be Stolen Through TCP-Windows), that helps compromise an encrypted website using only a JavaScript file hidden in a maliciously-crafted ad or page. Unlike many similar attacks, you don't need a man-in-the-middle spot to make this work -- it can gauge the size of an encrypted response (and thus enable an attack) all on its own.

Read the article: Engadget

Home | Contact | Search

About : Legal Services | Doug Isenberg | Cases & Clients | Firm News

Resources : YouTube Channel | Daily News | Blog | Masterclass | Domain Dispute Digest

Subscribe

The GigaLaw Firm helps companies of all sizes protect their brands online, using domain name dispute policies – such as the Uniform Domain Name Dispute Resolution Policy (UDRP) – and other legal tools available to copyright and trademark owners on the Internet.