Heartbleed
The Heartbleed effect
In this podcast, recorded at Infosecurity Europe 2014, Ivan Ristic, Director of Engineering at Qualys, talks about the Heartbleed bug and its impact on the security industry. …
Heartbleed attacker hijacked VPN active user sessions
As the number of the most popular websites that still haven’t patched their servers against the Heartbleed exploit continues to diminish (go here for an up-to-date list …
Free Heartbleed scanner for Chrome and Android
To help Internet users protect themselves from the Heartbleed bug that is eroding SSL security features on websites worldwide, Trend Micro released two free Heartbleed …
Tor relays vulnerable to Heartbleed dropped from anonymity network
Thanks to the OpenSSL Heartbleed bug, the Tor anonymity network is set to temporarily lose around “12 per cent of the exit capacity and 12 per cent of the guard …
Student arrested for Heartbleed-exploiting tax agency breach
A 19-year-old Canadian student has been arrested for breaching the systems of the Canada Revenue Agency (CRA) and extracting Social Insurance Numbers of some 900 taxpayers. It …
Oracle patches 104 vulns, still working on some Heartbleed fixes
Oracle’s April 2014 Critical Patch Update has been released, and solves a total of 104 vulnerabilities found across many of its products, including Oracle Database, …
Heartbleed threatens mobile users
As time passes, it becomes more and more obvious that almost no-one is safe from the danger created by the existence of the OpenSSL Heartbleed bug. In the days after the …
Heartbleed should jumpstart important security changes
With impacts on an estimated 60-70% of websites, Heartbleed is easily the security vulnerability with the highest degree of potential impact ever. There’s lots of good …
Heartbleed: VMware starts delivering patches
VMware has announced that it has started shipping patches for its products that have been impacted by the OpenSSL Heartbleed bug. “VMware is acutely aware of the …
Confirmed Heartbleed victim: Canada Revenue Agency
The Canada Revenue Agency (CRA) has been breached by attackers that leveraged the newly discovered Heartbleed bug in OpenSSL and managed to compromise Social Insurance Numbers …
Heartbleed: Private crypto keys can be extracted from vulnerable servers
The recently discovered Heartbleed bug can be exploited to obtain private encryption keys from vulnerable websites, Web services firm CloudFlare confirmed late on Friday. The …
Heartbleed bug: Checking websites and changing passwords
In the wake of the discovery of the Heartbleed bug in OpenSSL, some security experts even went as far as advising users to avoid the Internet for a few days until the problem …