A number of ICS products from Siemens and Innominate are vulnerable to the OpenSSL heartbleed flaw, some of which do not have updates available yet. The list of products affected by the heartbleed vulnerability continues to grow by the day, with OpenVPN being one of the latest. A researcher on Friday said that he was[...]
Browsing Category: Cryptography
The openSSL heartbleed has led to a huge increase in the number of SSL certificates being revoked, as site owners and hosting providers go through the process of replacing vulnerable certificates.
The Tor Project is in the process of rejecting exit nodes vulnerable to the Heartbleed OpenSSL vulnerability after researcher Collin Mulliner discovered more than 1,000 leaking plaintext traffic.
Netcraft reports that certificates on 80,000 of the half-million Web servers vulnerable to Heartbleed exploits have been revoked.
A cryptanalysis of TrueCrypt, the second half of an audit of the open source encryption software, will involve a small team of experts who will manually audit the code.
The initial phase of the TrueCrypt audit has been released and 11 vulnerabilities were uncovered, but no evidence of a backdoor.
There’s nothing the Internet loves more than a fat, juicy story that it can sink its sharpened, yellowing canines into. And for the security community, the OpenSSL heartbleed vulnerability has been the equivalent of a 72-ounce steak. But an Internet-breaking vulnerability like this one is no good unless we can learn something from it (or[...]
The list of products and sites affected by the OpenSSL heartbleed vulnerability continues to grow, and as security teams implement the patch and dig into the thornier work of revoking certificates, a new problem is emerging: It’s difficult to know whether an attacker has exploited the vulnerability on a given system.
Site operators and software vendors are scrambling to fix the OpenSSL heartbleed bug revealed Monday, a vulnerability that enables an attacker to extract 64 KB of memory per request from a server
The maintainers of the OpenSSL library, one of the more widely deployed cryptographic libraries on the Web, have fixed a serious vulnerability that could have resulted in the revelation of 64 KB of memory to any client or server that was connected.