New Red Herring Honeypot Fights Heartbleed

Posted by:

red herring honeypotWASHINGTON: US cybersecurity researchers have developed a technique that fights the ‘Heartbleed’ virus, and detects and entraps hackers who might be using it to steal sensitive data.

The Heartbleed bug, which became public last week, has set alarm bells ringing across the globe, including in India, for fear of exposing millions of passwords, credit card numbers and other sensitive information to hackers.

Researchers at The University of Texas at Dallas ...

Read More →
0

Akamai Heartbleed Patch – Not So Much!

Posted by:

Heartbleed Patch - Akami

Since Akami handles almost 1/3 of the Internet’s traffic so their patch that didn’t patch so much is a big deal.

Akami’s patch was supposed to have handled the problem. Turns out it protects only three of six critical encryption values.

Writing on his company’s blog Sunday night, Akamai chief security officer Andy Ellis said that while he had believed the Akamai Heartbleed patch fully fixed the issue, a security researcher ...

Read More →
0

Heartbleed: Gov. Agencies Respond

Posted by:

It’s Not Just A Website Issue

Security thought-leaders continue to offer insight into the Heartbleed bug. Avivah Litan, fraud analyst at Gartner Research, calls the issue “mega-serious.”

“I’m just trying to understand why all the news reports are focused on individual communications with websites,” Litan says. “SSL protocols, including OpenSSL, are used in most ‘trusted’ machine to machine communications. The bug affects routers, switches, operating systems and other applications that support the protocol in order to ...

Read More →
0

Heartbleed Bug – Open SSL Vulnerability Solution

Posted by:

heartbleed solutionThe TBG Security team has been investigating a critical vulnerability in the OpenSSL cryptographic library.  This vulnerability, which is known as the “Heartbleed Bug,” allows anyone on the Internet to read the memory of systems protected by vulnerable versions of the OpenSSL software.  This issue should be considered extremely critical due to its impact, long exposure, ease of exploitation, the absence of application ...

Read More →
0
})
SEC Cybersecurity Exams