A new hacking tool targets flawed AES encryption implementations in Microsoft ASP.NET Web applications, enabling an attacker to view encrypted session cookies that could reveal sensitive online banking information and other personal data.

It opens the door to people who are not very knowledgeable about cryptography.

Alexander Meisel,
chief technology officer and founderart of defence