Academics from three German universities have found a vulnerability in the Transport Layer Security (TLS) protocol that under limited circumstances allows the theft of session cookies and enables cross-site scripting attacks. Dubbed ALPACA, which is short for “Application Layer Protocol Confusion – Analyzing and Mitigating Cracks in TLS Authentication,”

Read full article on The Register