March 23, 2016 tags:  SSL-TLS cryptography infosec security-week

Is DROWN a 'Hello Kitty' SSL Vulnerability?

Should you panic about the DROWN SSL vulnerability? Is it cute and kid-friendly, or is it a monster vulnerability coming to expose your most sensitive data? This piece I did for SecurityWeek builds upon the "Stack Ranking SSL Vulnerabilities" article I'd written the year before.