The just-discovered FREAK attack

You can find out more at Essentially some cryptography dates back many years, and, while sufficiently strong at the time, is now not considered to be nearly strong enough. However those same methods are still allowed by many servers. That means that while that communication with that server is encrypted (it is still https), the ciphers used are not secure.

We have tested our application servers and they do not have this issue. They only use modern ciphers which do not have this vulnerability.

If you have any questions or concerns, please email us at [email protected].

Updated: March 4, 2015