OpenSSL Bug

New widespread Internet bug could be more dangerous than Heartbleed

By on June 6, 2014 at 9:40 AM.

New widespread Internet bug could be more dangerous than Heartbleed

There is nowhere to hide. Just two months following the discovery of Heartbleed, the massive OpenSSL bug that affected two-thirds of the entire Internet at the time it was revealed, a new OpenSSL bug has been uncovered that could be even more dangerous. Led by Masashi Kikuchi, security researchers at Japan-based Lepidum shared their discovery on Thursday, noting that this newly revealed vulnerability in OpenSSL has existed for more than 15 years. More →

No Comments
Preventing The Next Heartbleed

Google, Amazon among tech companies trying to prevent the next Heartbleed

By on May 30, 2014 at 6:45 PM.

Google, Amazon among tech companies trying to prevent the next Heartbleed

If there’s one thing that can make the competitive tech industry band together, it’s security. Last month, the Heartbleed bug affected nearly everyone in the industry, requiring millions of customers to change their passwords and rethink the safety that their services provide them. The Wall Street Journal reports that several of the biggest tech firms on the planet are doing what they can to prevent the next Heartbleed by helping to pay the salaries of full-time employees and funding an audit for the OpenSSL Project. More →

No Comments
Heartbleed Password Change Required

Heartbleed showed us how shockingly lazy people are with their passwords

By on May 21, 2014 at 1:10 PM.

Heartbleed showed us how shockingly lazy people are with their passwords

Heartbleed, the massive security threat that has recently affected millions of websites, was patched by most large Internet companies and by many site owners, but regular Internet users failed to grasp the significance of the threat, a new Avast study revealed. Furthermore, less than half of those people who knew about Heartbleed failed to take any action once sites fixed the problem. More →

No Comments
Heartbleed Vulnerability

You’re still not safe: 318,000 servers are still vulnerable to Heartbleed

By on May 9, 2014 at 12:00 PM.

You’re still not safe: 318,000 servers are still vulnerable to Heartbleed

You’re not out of the woods yet, Web users. It seems like ages ago in Internet time that Heartbleed was first discovered. The massive OpenSSL vulnerability affected about 66% of the entire Internet when it was uncovered by security researchers, and it can allow hackers to intercept sensitive data including usernames and passwords. Big companies moved fast to patch the vulnerability and resolve the problem, but unfortunately not everyone acted so quickly to protect their users. More →

No Comments
Heartbleed bug: how two Steves protect the Internet

Meet the two men responsible for protecting the Internet

By on May 2, 2014 at 12:35 PM.

Meet the two men responsible for protecting the Internet

Last month, the Heartbleed bug was revealed as a major vulnerability in the world’s most popular encryption method, OpenSSL. Since Heartbleed was uncovered, we still don’t know too much about the people behind OpenSSL. To find out more, BuzzFeed has written a great profile of the two guys named Steve who basically control OpenSSL. Steve Henson, a 46-year-old British mathematics Ph.D., contributes roughly 60% of the code behind OpenSSL, and Steve Marquess, a former Defense Department consultant, runs the OpenSSL Software Foundation, which raises money to support the continued development of OpenSSL. More →

No Comments
White House on Heartbleed Security Flaw

Why the NSA might not say anything about the next ‘Heartbleed’

By on April 29, 2014 at 11:45 PM.

Why the NSA might not say anything about the next ‘Heartbleed’

Secretive agencies like the National Security Agency will not hurry to disclose future Heartbleed-like security issues, or at least they won’t always be interested in doing so, The White House revealed in a blog post. It also reiterated the fact that the NSA did not actually know about this major security bug that affected 66% of the entire Internet, as it was previously rumored. After all, the NSA denied everything on Twitter — and soon after, the NSA released its own set of instructions telling the public how to deal with the security flaw. More →

No Comments
Android Virus Scan Heartbleed

New free app promises to protect Android users from Heartbleed

By on April 28, 2014 at 1:05 PM.

New free app promises to protect Android users from Heartbleed

After all this time, is Heartbleed really still an issue we should be concerned with? Yes, yes it is. Heartbleed, the shockingly severe and widespread OpenSSL flaw that impacted 66% of the entire Internet at the time of its discovery, has already been addressed by thousands upon thousands of websites. But believe it or not, there are still countless websites — and apps — out there that have yet to apply the updates necessary to protect their users.

With vulnerable Android apps having been downloaded a whopping 150 million times, Heartbleed is a particularly important issue for Android users. And now, a simple new app claims that it will protect Android phone and tablet owners for free. More →

No Comments
How To Tell If Someone Hacked Your Computer

How to tell if any of your accounts have been hacked

By on April 28, 2014 at 9:25 AM.

How to tell if any of your accounts have been hacked

Internet users have obviously known for some time that hackers pose a serious threat, but we all got a shocking reminder when security researchers revealed the massive Heartbleed bug earlier this month. The OpenSSL security flaw affected an estimated 66% of the entire Internet at the time of its discovery, and it may have exposed usernames and passwords on any number of popular websites. Big companies were quick to address the bug but as we learned recently, Heartbleed was around for years before companies started patching it earlier this month. As such, hackers had plenty of time to exploit the flaw and steal your login details.

Have any of your online accounts been hacked because of Heartbleed? Have hackers breached your accounts using other means? Thanks to a few free websites, it’s remarkably easy to tell if your data might be at risk. More →

No Comments
Android Apps Heartbleed Bug

Android apps vulnerable to Heartbleed have been downloaded 150 million times

By on April 23, 2014 at 8:45 PM.

Android apps vulnerable to Heartbleed have been downloaded 150 million times

Patching up Android to make sure it’s not vulnerable to Heartbleed is one thing. Patching all vulnerable Android apps, on the other hand, is quite another. Re/code draws our attention to a new study from research firm FireEye that claims there have been around 150 million downloads of Android apps that are vulnerable to the Heartbleed bug. And to make matters worse, the researchers say that the assorted “Heartbleed detectors” you can now find in the Google Play store will do little to help you root out vulnerable apps you’ve downloaded. More →

No Comments
Heartbleed Bug Fix

Life after Heartbleed: ‘The Internet will never be 100% safe’

By on April 23, 2014 at 1:00 PM.

Life after Heartbleed: ‘The Internet will never be 100% safe’

Heartbleed was an abrupt but necessary reminder that when it comes to the Internet, nothing is safe. The massive OpenSSL security hole was discovered earlier this month, and it affected 66% of the entire Internet at the time of its discovery. Most large websites have patched the bug by now and Heartbleed chatter across the Web is inevitably starting to die down. But as one security expert recently pointed out, patching Heartbleed hardly makes the Internet safe again. More →

No Comments
Heartbleed Android 4.1.1 Jelly Bean

Why Heartbleed could be much worse for Android users

By on April 16, 2014 at 2:14 PM.

Why Heartbleed could be much worse for Android users

Even though Google does not have a Heartbleed problem, particularly since the company has known about the OpenSSL bug a month before everyone else, a large number of Android users may still be at risk, The Guardian reports. And that’s not because Google has not patched the security flaw, but rather because Heartbleed indirectly benefits from several factors. More →

No Comments
Heartbleed Bug Fix Tor

Not even Tor can keep you safe from Heartbleed

By on April 16, 2014 at 1:18 PM.

Not even Tor can keep you safe from Heartbleed

So here’s some sort-of good news: Cybercriminals might be just as freaked out about the Heartbleed bug as the rest of us. Trend Micro analyst J.D. Sherry writes that revelations about the gaping hole in the Open SSL, the security protocol used to encrypt web traffic, have caused “shell shock in the Deep Web as many of the hidden services within the TOR (The Onion Router) are impacted as well.”

More →

No Comments
Why Are So Many Websites Crashing

Why you should expect your favorite websites to crash over the next few weeks

By on April 15, 2014 at 8:30 PM.

Why you should expect your favorite websites to crash over the next few weeks

If you find yourself unable to access your favorite websites over the next few weeks, don’t worry: The Internet isn’t broken, it’s just undergoing very needed repairs. The Washington Post has talked with some security experts who expect that patching the Heartbleed bug is going to cause major disruptions on the Internet for a while as major web companies scramble to guard their websites against a bug that caught the tech world flat-footed last week. More →

No Comments