Lerted Us Toa Total Of Five Vulnerabilities In Mega 39s Cryptographic Architecture That Would Allow An Attacker Who Is Control Api Back End Or Able To Mounta Tls Man The Middle Attack Undermine Certain Assurances Expected By Users For News Today : Breaking News, Live Updates & Top Stories | Vimarsana

AUCKLAND, New Zealand, June 22, 2022 /PRNewswire/ Today, MEGA has released software updates that fix a critical vulnerability reported by researchers at one of Europe's leading universities, ETH Zurich, Switzerland. Further updates addressing less severe identified issues will follow in the near future.MEGA is not aware of any user accounts being compromised by these vulnerabilities. Who is potentially affected? Customers who have logged into their MEGA account at least 512 times (the more, the higher the exposure). Note that resuming an existing session does not count as a login. While all MEGA client products use permanent sessions by default, some third-party clients such as Rclone do not, so their users may be exposed. Who could have exploited the vulnerability? Very few: An attacker would have had to first gain control over the heart of MEGA's server infrastructure or achieve a successful man-in-the-middle attack on the user's TLS connection to MEGA. What could have b

New zealandKennethg patersonMatilda backendalMiro hallerDepartment of computer scienceOmega ltdEuropean commissionApplied cryptographyComputer scienceGoogle driveNew zealandJune 22022 prnewswire todayEga has released software updates that fixa critical vulnerability reported by researchers at one of europe 39s leading universitiesEth zurichWitzerland further updates addressing less severe identified issues will follow in the near future mega is not aware of any user accounts being compromised by these vulnerabilities who potentially affected customers have logged into their account at least 512 times more