FREAK vulnerability allows the attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to manipulate or steal sensitive data.
Although most major hardware/software vendors and owners have patched this flaw, many are still susceptible to this kind of attack.
Instrumental in discovering FREAK flaw, the University of Michigan conducted scans and discovered that an estimated 36.7% of the 14 million websites offering browser-trusted certificates were vulnerable at the time of disclosure.
This includes some very high profile pages like nsa.gov, irs.gov and even the ubiquitous connect.facebook.com (the source of all Facebook "Like" buttons.)
IMPACTS OF FREAK ATTACK
- Intercepts your sensitive, encrypted, web sessions via a man-in-the-middle attack, putting your clients at risk
- Redirects users to malicious sites and harvests credentials, giving attackers the ability to pivot and attack your environments directly and steal sensitive data (intellectual property)
- Forces weak encryption, even if you use a strong encryption method, making stealing your data much easier
- Affects a large number of vendors including every Windows version, Apple’s mobile and desktop operating systems, and Google Android
HOW TO PROTECT AGAINST FREAK?
AlienVault Unified Security Management (USM) can help. USM provides asset discovery, vulnerability assessment, threat detection (IDS), behavioral monitoring and SIEM in a single console.
USM can scan your network to identify assets with the FREAK vulnerability, making it easy for you to identify systems that need to be patched and prioritize remediation.
AlienVault Labs team pushed updated correlation directives to the USM platform, enabling users to detect attackers attempting to exploit it.
USM also checks the IP information against the Open Threat Exchange (OTX), the largest crowd-sourced threat intelligence exchange. In the example below, you can see details from OTX on the reputation of an IP, including any malicious activities associated with it.
Learn more about AlienVault USM:
- Play with USM in our product sandbox (no download required)
Popular Deals From Our Store
Ethical Hacking Certification Training
Get Professional Ethical Hacking Certifications: CEH, CHFI, CISM, CISA, CISSP Trainings.
96% Off Get this Deal
Computer Hacking Forensic Investigation
Online Hands-on Training with Lifetime Access to Forensic Investigation Certification Classes.
98% Off Get this Deal