After security firm CrowdStrike discovered a virtual machine security flaw that could (in theory) put millions of data centers at risk for malware attack this week, the comparisons came on hot, sticky, and thick. It was Heartbleed, all over again.....but this time, even WORSE.
As scary as Heartbleed was this past spring, it looks like virtually every Microsoft Windows user is in for a little deja vu. Microsoft just released a critical patch for a huge server vulnerability—one that affects quite a few current versions of Windows out there.
While it's not causing Heartbleed-levels of panic—yet—this news is a little disconcerting: Google has discovered a vulnerability in an older version of SSL, which basically keeps everything we do on the web protected.
Over 300,000 servers out of the 600,000 that were vulnerable to Heartbleed are still unpatched two months after the nasty vulnerability in OpenSSL was discovered by a Google engineer.
It's been just a few months since the Heartbleed OpenSSL security flaw was discovered, and we're again learning about gaping hole in the widely used security protocol. The good news is that there's a fix. The bad news is that the vulnerability has existed for a decade, and we'll never know how much it was exploited.
Heartbleed, the gaping flaw that left the internet's security gate wide open for more than two years, is causing headaches for yet another site: the beleagured Healthcare.gov. The government says the site has not been compromised, but officials have reset all user passwords "out of an abundance of caution."…
By now, you've read all about Heartbleed—but what, exactly, does it look like in action? Thankfully some
nerdy brave computer scientists have run it, so you don't have to.
In what's sure to be the first of many to come, a 19-year-old Canadian man was arrested for exploiting the Heartbleed bug to lift taxpayer data from a government website, making this the first official Heartbleed-related arrest.
Heartbleed is causing heartache on hundreds of servers all over the internet, but security researchers have also warned that the bug could allow direct hacks of Android, too. Here's how to check if your device is at risk.
Over the weekend, it was revealed that President Obama thinks that when the National Security Agency discovers major flaws in Internet security, they should be allowed to exploit it if there's a "a clear national security or law enforcement need."
You might not understand the how Heartbleed works, but you definitely heard about it this week. And with it, that drippy, maroon, bleeding heart logo—which is part of what made the story so memorable. In fact, the way Heartbleed was presented by the team that discovered it is a model for how technology issues should…
Some more heartache from Heartbleed: it affects routers, too. Cisco Systems and Juniper Networks have announced that the security hole that is Heartbleed has been found in their networking equipment.
Heartbleed is a scary thing. Aside from the violent-sounding name, the vulnerability in OpenSSL security protocols spans the entire internet and affects most of the sites we know, love, and use on a daily basis. Even outside of Heartbleed, not all security protocols are created equal. So how do you know who to trust?
By now, chances are you've already heard about the preposterously huge security hole in SSL. You've also probably heard how it could easily have left you exposed to all sorts of nefarious activity over the past few years. Now, thanks to Mashable, we also have a better idea of exactly which websites had the flaw.
By now you've surely heard of Heartbleed, the hole in the internet's security that exposed countless encrypted transactions to any attacker who knew how to abuse it. But how did it actually work? Once you break it down, it's actually incredibly simple. And a little hilarious. But mostly terrifying.