A new encryption vulnerability was discovered at puts many SSL secure sites at risk. This means financial information, passwords and usernames are all vulnerable until these web sites are patched.
Some examples that are showing vulnerabilities from the DROWN Attack researchers include many of the largest US financial institutions:
Wells Fargo – https://test.drownattack.com/?site=wellsfargo.com
Bank of America – https://test.drownattack.com/?site=bankofamerica.com
Fidelity.com – https://test.drownattack.com/?site=fidelity.com
Schwab – https://test.drownattack.com/?site=schwab.com
NYSE – https://test.drownattack.com/?site=nyse.com
JPMorgan – https://test.drownattack.com/?site=jpmorgan.com
Morgan Stanley – https://test.drownattack.com/?site=morganstanley.com
Apple – https://test.drownattack.com/?site=apple.com
Microsoft – https://test.drownattack.com/?site=microsoft.com
Twitter – https://test.drownattack.com/?site=twitter.com
You can check other sites here at the DROWN attack site.
These sites were not displaying the vulnerability:
Citibank.com – https://test.drownattack.com/?site=citibank.com
Some other sites that are reported safe are: google.com, gmail.com, Facebook.com