Tag Archives: Heartbleed
Security researchers have recently identified several vulnerabilities in the OpenSSL encryption library in addition to the widely publicized Heartbleed bug (see https://it-security.usc.edu/2014/04/09/openssl-heartbleed-bug for more information about Heartbleed). System Administrators within USC’s IT units should complete the action items (fixes) summarized … Continue reading
Below is a partial list of vendors that have released updates to address the Heartbleed vulnerability.
This list will be updated as more information becomes available. Continue reading
Cloudflare, a large web-hosting company, has a very detailed article on how server certificates are not (in the real world) extractable using the Heartbleed bug: http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed They set up a test server and challenged anybody to obtain the private key. … Continue reading
Many websites and online services, including Facebook, Instagram, Google, and Yahoo, were affected by the recently announced Heartbleed vulnerability. The site linked below has collected responses from social media, email, financial, and other companies regarding steps they have taken to … Continue reading
Security researchers have discovered a vulnerability, named the Heartbleed bug, in the OpenSSL encryption library that could allow attackers to access secure information stored in a server’s system memory, including usernames, passwords, and private encryption keys. OpenSSL is used by … Continue reading