CATEGORIES

Items tagged with Heartbleed

image
by Kory Kessel - Thu, May 14, 2015
VENOM Vulnerability Poses Serious Threat to Cloud Service Providers And Their Customers
Data security research player CrowdStrike is reporting a security flaw that could allow hackers to exploit and take over data centers from within. Given the nasty moniker "VENOM" (for "Virtualized Environment Neglected Operations Manipulation"), the vulnerability CrowdStrike uncovered is present in a common component — a legacy floppy drive controller — that is widely used in virtualization platforms and appliances. The seriousness of the VENOM vulnerability rests on how it circumvents an essential barrier used by cloud service providers to segregate customer data. Thus, infiltrators who are able to gain access to one virtual environment can subsequently move from there into the cloud entity's... Read more...
News
Comments
image
by Rob Williams - Mon, Jun 23, 2014
Over 300,000 Web Servers Still Vulnerable to the Heartbleed Bug
When the OpenSSL vulnerability Heartbleed broke cover in April, it felt like it was the only thing that mattered for an entire week. Like many news outlets, we reported on the bug from a number of different angles, and it was all for good reason: It's a severe bug, and one that the world needs to know about. Given all of the attention Heartbleed received, it'd be easy to assume that the vulnerability would now be hard to spot out in the wild - but no. Far from it, actually. When we first learned of Heartbleed, it was estimated that at least half a million Web servers were vulnerable because of it. More importantly, the bug affected a large number of popular services, requiring users to change... Read more...
News
Comments
image
by Seth Colaner - Fri, Apr 25, 2014
Dell, Facebook, Google, Intel, IBM, and Other Tech Giants Back OpenSSL Project To Prevent Future Heartbleed
The Heartbleed Bug illustrated just how vulnerable our global communications structure really is, and now a glut of important tech companies in collaboration with the Linux Foundation are launching a new initiative called the Core Infrastructure Initiative to better support the open source projects and technologies that keep the Internet afloat. Image Source: Flickr (snoopsmaus) The first item on the docket is increased support for OpenSSL, which if you’ll recall was the source of the Heartbleed problem. OpenSSL “could receive fellowship funding for key developers as well as other resources to assist the project in improving its security, enabling outside reviews, and improving responsiveness... Read more...
News, Social And Internet
Comments
image
by Joel Hruska - Sat, Apr 12, 2014
The NSA Denies Exploiting The Heartbleed Bug, What If It's Telling The Truth?
As Seth covered earlier today, Bloomberg has accused the NSA of benefiting from the Heartbleed OpenSSL bug. The NSA denies this in fairly strong terms. I'd like to draw attention to a different facet of the topic -- first, by discussing the semantics of the NSA's denial and then the wider impact of how that denial is perceived and what it means for the tech community as a whole. The NSA's Denial is Surprisingly Straightforward For the past year, the NSA's responses to the Snowden leaks have followed the same strategy: Either the organization claims that its activities are legal or it denies engaging in a similar (but distinct) activity from the one it's actually accused of actually perpetrating.... Read more...
News
Comments
image
by Seth Colaner - Sat, Apr 12, 2014
NSA May Have Exploited Heartbleed Bug For Years
The news of two truly horrible security breaches broke this year; one was the NSA’s shadowy data grabbing and surveillance program, and the other was the Heartbleed bug that left about two-thirds of the Internet utterly exposed to any bad actor. According to a Bloomberg report, these two stories have merged, as “two people familiar with the matter” have told the outlet that the NSA has known about the Heartbleed bug for at least two years and has regularly exploited it to gather intelligence. In an emailed statement to Bloomberg, the Office of the Director of National Intelligence said, “Reports that NSA or any other part of the government were aware of the so-called Heartbleed... Read more...
News
Comments
image
by Paul Lilly - Fri, Apr 11, 2014
Chromebleed Chrome Browser Plugin Will Safeguard You Against Heartbleed Exploit
The discovery of a security vulnerability in OpenSSH, which is a set of programs that provide encrypted communication sessions using the SSH protocol for an estimated two-thirds of the web, challenged the notion that anyone can ever be truly safe on the Internet, regardless of how careful you surf. How so? Researchers discovered a major vulnerability in OpenSSH that could allow hackers to dig up your personal information, including usernames, passwords, credit card data, and much more. It's called Heartbleed, and it has the Internet community on high alert. There's a patch available, which many website admins have applied, but if you want to err on the side of caution, Chromebeed is here to help.... Read more...
News
Comments
Your Next Gaming GPU
More Results
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT/Enterprise

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

HotTech Vision And Analysis

MORE

Forums

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2021 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment