Tag: heartbleed
You are here: Home \ heartbleed
The ramifications of the recent SHA-1 collision attack have extended to Git and the Apache Subversion repository, both of which rely on the outdated and vulnerable hashing algorithm.
US-CERT issues alert to server admins warning of a dangerous OpenSSL vulnerability and urges 1.1.0 users update to version 1.1.0e.
Almost 200,000 servers are still vulnerable to Heartbleed, the OpenSSL vulnerability patched nearly three years ago.
Open source and third-party software bugs haunt even the best developers’ projects, despite the industry’s best efforts to avoid them.
Adobe released an emergency Flash Player update that patches a use-after-free vulnerability being exploited in targeted attacks.
Mike Mimoso and Chris Brook recap RSA 2016, including how pervasive the FBI vs. Apple debate has been around the conference, OpenSSL two years after Heartbleed, and why hacking back is always a bad idea. Download: Threatpost_News_Wrap_March_4_2016.mp3 Music by Chris Gonsalves
SAN FRANCISCO—Experts have stressed this week that DROWN is no Heartbleed, but at some point in the not too distant future, there’s going to be another major Internet vulnerability and developers at OpenSSL claim they’re battle tested. Rich Salz and Tim Hudson, members of OpenSSL’s development team, described in a talk at RSA Conference this week...
OpenSSH today released a patch for a critical vulnerability that could be exploited by an attacker to force a client to leak private cryptographic keys. The attacker would have to control a malicious server in order to force the client to give up the key, OpenSSH and researchers at Qualys said in separate advisories. Qualys’ security...
28 September 2015 - 15:10,
by ,
in News, No comments
This week sees the 25th Virus Bulletin conference, which takes place in Prague from 30 September to 2 October. We spoke to Virus Bulletin’s editor, Martijn Grooten, about how threats have changed over the last 25 years. My colleagues and I have been very busy preparing for this week’s 25th annual Virus Bulletin International Conference, but on the occasion...