The common trait in this attack was the attack on SSL/TLS weak points.
Both these layers are used for securing internet communications.
SSL was the one of the earliest and hence is the most popular protocol.
The SSL encryption was a mountain they could not move, so they decided to go around it.
TLS is its successor and is claimed to be much more resistant to attacks.
Although, SSL being as popular as it is, most websites do not support TLS yet.
That has not stopped attackers from finding out vulnerabilities in TLS either.
Man-in-the-Middle
For those not in the know, MitM is a textbook way of attacking internet users.
So this attacker may just sit and spy on the communication.
Or if he wants to attack, hell break the communication line by making himself a node in between.
This is the basic fundamental onto which attackers have built their attacks upon.
nogotofail is completely port agnostic and instead detects vulnerable traffic using DPI instead of based on port numbers.
Googles security team designed nogotofail tool to work on essentially any client that connects to the Internet.
But we want the use of TLS/SSL to advance as quickly as possible, Brubaker wrote.
source: www.techworm.net
