'Heartbleed' computer bug threat spreads to firewalls and beyond - dofaq.com

4 tips to make use of Wannacry in awareness programs

CSO Online - 12 Jul 2017
In the past we had incidents like Heartbleed, Chernobyl and I Love You that all became household names. You would think that people would have become aware of the importance of anti-malware and patching systems. And then there were the major data ...

Heartbleed Persists on 200000 Servers, Devices

Threatpost - 23 Jan 2017
Almost 200,000 servers and devices are still vulnerable to Heartbleed, the OpenSSL flaw patched nearly three years ago. The numbers come from search engine Shodan, which released data showing U.S. servers hosted on Amazon AWS are ...

That Heartbleed problem may be more pervasive than you think

Network World - 27 Jan 2017
That lingering Heartbleed flaw recently discovered in 200,000 devices is more insidious than that number indicates. According to a report posted by Shodan, the Heartbleed vulnerability first exposed in April 2014 was still found in 199,594 internet ...

Heartbleed vs. WannaCry: A tale of two cyber attacks

FederalNewsRadio.com - 22 May 2017
If there was ever a case to be made for why agencies and organizations invest in cybersecurity protections, look no further than the recent WannaCry ransomware attack. The federal government came away unscathed by the malware that hit more than 300 ...

What the Insanity of Mass Incarceration Has Done To Us

YES! Magazine - 18 Jul 2017
Instead of sledgehammering its message, this film makes your heart bleed drip by drip as the story slowly unfolds. On the screen, orange flames soar, accompanied by the voice of a woman, the member of an all-female firefighting crew, who eventually ...

ICO Fines Gloucester Council £100K After Heartbleed Snafu

Infosecurity Magazine - 13 Jun 2017
Data protection watchdog the Information Commissioner's Office (ICO) has fined Gloucester City Council a whopping £100,000 after it failed to protect against the Heartbleed bug, resulting in the theft of sensitive info on council employees. A cyber ...

Heartbleed Lingers: Nearly 180000 Servers Still Vulnerable

BankInfoSecurity.com (blog) - 30 Jan 2017
Heartbleed is the nickname for a vulnerability in OpenSSL, an open-source implementation of the SSL and TLS protocols that's used to secure data sent between clients and servers. The bug was jointly discovered by security firm Codenomicon and Google ...

תכנית IBB ללכידת באגים גייסה מימון חדש לשיפור אבטחת הקוד הפתוח

Daily Maily אנשים ומחשבים - 24 Jul 2017
בין הבאגים המשמעותיים ביותר שהתגלו בעזרת IBB נכלל גילוי של הפגם Heartbleed בשנת 2014, שעליו קיבל הלוכד תגמולים בגובה של 15,000 דולרים. בכצ'וס ציין כי תגמול המכובד בעבור Heartbleed שולם ל-ניל מהטה, חוקר האבטחה של גוגל (Google), על תרומתו לאיתור הבאג, והוא מצידו ...

Heartbleed bug still affects thousands of sites

ZDNet - 25 Jan 2017
The bug, known as Heartbleed (but formally designated CVE-2014-0160), was found in an earlier version of OpenSSL, a common open-source cryptographic library. Researchers say the flaw could allow an attacker to reveal the contents of encrypted data ...

Web App Vulnerabilities Decline 25% in 12 Months

Dark Reading - 12 Jul 2017
He noted Heartbleed was the first to take advantage of the open TLS handshake that occurs as information is passed from the browser to the server. "In 2012, you didn't see much of vulnerabilities in the transport layer but after Heartbleed, it set off ...

Ticketbleed Vulnerability Affects F5 Devices

Hashed Out by The SSL Store™ (registration) (blog) - 16 Feb 2017
A new vulnerability is being compared to Heartbleed, the most infamous SSL/TLS vulnerability of all time. The Ticketbleed Vulnerability affects F5's TLS library. F5 is a major IT company that makes network devices such as load balancers. More than two ...

L'Internet Bug Bounty reçoit 300 000$ de Facebook, GitHub et Ford

LeMondeInformatique - 24 Jul 2017
Parmi les plus gros montants de ce programme de chasse aux bugs, 20 000 dollars ont été payés pour Shelshock, 15 000 $ pour la découverte en 2014 de la faille Heartbleed ou encore 7 500 $ pour ImageTragick. Sur l'ensemble des fonds versés, plus de ...

Council fined £100000 for not preventing Heartbleed cyberattack

Sky News - 12 Jun 2017
These email messages contained financial and sensitive information about council staff, according to the Information Commissioner's Office (ICO). The ICO, the UK's data regulator, said the hacker exploited the Heartbleed security bug - which had been ...

Heartbleed bug: What you need to know (FAQ)

CNET - 02 May 2016
The Heartbleed bug, a newly discovered security vulnerability that puts users' passwords at many popular Web sites at risk, has upended the Web since it was disclosed earlier this week. It's an extremely serious issue, and as such, there's a lot of ...

cURL security audit learns the lessons of Heartbleed

Naked Security - 25 Nov 2016
You may not have heard of cURL but you've probably made use of it. It's one of those pieces of software that does something everybody needs, that everybody uses but almost nobody pays any attention to. Its mission in life is simple: if something has an ...

What's New