Former DHS secretary Tom Ridge said at the Kaspersky Lab Cybersecurity Summit that U.S. critical infrastructure will be a target as long as the public and private sector balk on sharing attack and threat data.
Browsing Category: Vulnerabilities
Web application security begins with the developer’s comfort level and familiarity with a programming language. WhiteHat Security’s latest report examines the security of six top languages.
The Heartbleed story advanced over the weekend with word of researchers exploiting the OpenSSL flaw to steal private SSL keys, and the loss of data on websites in the U.K. and Canada.
The initial phase of the TrueCrypt audit has been released and 11 vulnerabilities were uncovered, but no evidence of a backdoor.
Experts say it’s highly unlikely private SSL keys can be stolen by hackers using the Heartbleed OpenSSL bug, but not impossible.
Dennis Fisher and Mike Mimoso discuss–what else–the OpenSSL heart bleed vulnerability and the doings at the Source Boston conference this week.
Vendors are continuing to check their products for potential effects from the OpenSSL heartbleed vulnerability, and both Cisco and BlackBerry have found that a variety of their products contain a vulnerable version of the software. BlackBerry on Thursday said that several of its software products are vulnerable to the OpenSSL bug, but that its phones[...]
Cisco patched a quartet of vulnerabilities this week in one of its core operating systems and is looking into the potential impact of this week’s Heartbleed vulnerability.
Evidence exists the OpenSSL heartbleed bug was being exploited as far back as last November, six months before it was publicly disclosed this week.
There’s nothing the Internet loves more than a fat, juicy story that it can sink its sharpened, yellowing canines into. And for the security community, the OpenSSL heartbleed vulnerability has been the equivalent of a 72-ounce steak. But an Internet-breaking vulnerability like this one is no good unless we can learn something from it (or[...]