Executive summary
A newly discovered OpenSSL security vulnerability, dubbed DROWN (Decrypting RSA with Obsolete and Weakened eNcryption), enables a 20 year old and long deprecated security protocol, Secure Sockets Layer (SSLv2), to be used to attack modern websites.
An attack exploiting this could decrypt secure HTTPS communications, which can be used to protect sensitive data in transit between your browser and the server. It is estimated that at least one-third of all websites could be…
Link: DROWN vulnerability
Source: NCSC Alerts
