The Heartbleed effect
In this podcast, recorded at Infosecurity Europe 2014, Ivan Ristic, Director of Engineering at Qualys, talks about the Heartbleed bug and its impact on the security industry. …
NIST updates Transport Layer Security (TLS) guidelines
The National Institute of Standards and Technology (NIST) has released an update to a document that helps computer administrators maintain the security of information …
OpenBSD team forks OpenSSL to create safer SSL/TLS library
For all the talk about how something should be done to fix OpenSSL so that a Heartbleed situation is never again repeated, there has been little to no concrete action so far. …
Free Heartbleed scanner for Chrome and Android
To help Internet users protect themselves from the Heartbleed bug that is eroding SSL security features on websites worldwide, Trend Micro released two free Heartbleed …
Tor relays vulnerable to Heartbleed dropped from anonymity network
Thanks to the OpenSSL Heartbleed bug, the Tor anonymity network is set to temporarily lose around “12 per cent of the exit capacity and 12 per cent of the guard …
Heartbleed threatens mobile users
As time passes, it becomes more and more obvious that almost no-one is safe from the danger created by the existence of the OpenSSL Heartbleed bug. In the days after the …
Heartbleed should jumpstart important security changes
With impacts on an estimated 60-70% of websites, Heartbleed is easily the security vulnerability with the highest degree of potential impact ever. There’s lots of good …
Heartbleed: VMware starts delivering patches
VMware has announced that it has started shipping patches for its products that have been impacted by the OpenSSL Heartbleed bug. “VMware is acutely aware of the …
Confirmed Heartbleed victim: Canada Revenue Agency
The Canada Revenue Agency (CRA) has been breached by attackers that leveraged the newly discovered Heartbleed bug in OpenSSL and managed to compromise Social Insurance Numbers …
Heartbleed: Private crypto keys can be extracted from vulnerable servers
The recently discovered Heartbleed bug can be exploited to obtain private encryption keys from vulnerable websites, Web services firm CloudFlare confirmed late on Friday. The …
Heartbleed bug: Checking websites and changing passwords
In the wake of the discovery of the Heartbleed bug in OpenSSL, some security experts even went as far as advising users to avoid the Internet for a few days until the problem …
Vendors address the Heartbleed bug
Which products and services are affected by the Heartbleed bug in OpenSSL? Vendors have started issuing security advisories telling users which of their products are safe and …