The POODLE against SSL 3.0. A new attack on SSL is threatening the Internet again, it allows bad actors to decrypt traffic over secure channels. Another critical flaw affects one of the protocols most used to secure Internet traffic, Secure Sockets Layer (SSL) and attacker could exploit the attack dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption) to run a […]
Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software. GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer. News of the day is that the widely used cryptographic library is vulnerable […]
A Portuguese security expert has uncovered the Cupid attack, a new Heartbleed attack vector which can impact Android devices, enterprise wireless networks and other connected devices. Cupid is the name of the new Heartbleed attack method recently proposed by Portuguese security researcher Luis Grangeia, unlike the original version of the attack, which took place on TLS connections over TCP, […]
Security researcher Robert Graham published the results of recent global scan searching for Heartbleed vulnerable systems. 300k systems are still vulnerable Heartbleed flaw is a bug disclosed more than a month ago, which affected OpenSSL library with serious repercussion on most common encryption services we daily use. Encrypted communications, mobile platforms, VPN and Tor networks are just a […]
Security researcher Adam Langley of Google explained the real efficiency of revocation checking in response to OpenSSL heartbeat bug. The Heartbleed bug is a source of great concern for IT industry, every day we discover that the flaw in the OpenSSL library has had a significant impact on Servers, on the mobile industry and on the anonymity […]
Security experts at Mandiant uncovered attackers exploiting the Heartbleed vulnerability to circumvent Multi-factor Authentication on VPNs. We have practically read everything about HeartBleed bug which affects OpenSSL library, we have seen the effects on servers, on mobile devices and also on Tor anonymity, now lets focus on the possibility to exploit it to hijack VPN […]
The presence of nearly 380 servers in the Tor Network, 12 percent of the exit capacity, running the vulnerable version of OpenSSL could have compromised user’s anonymity. The Heartbleed bug is the flaw in the popular OpenSSL library that is scaring the security communities, many security experts hiphotesized that Intelligence agencies, including NSA, have exploited the bug to spy on […]
Heartbleed is the security flaw that is scaring IT industry, which is its impact on the mobile worlds? How many Smartphone Users could be affected? Heartbleed flaw is the argument that most of all is capturing the attention of the media in this period, billions of users worldwide have been impacted, there are thousands solutions affected […]
CISCO and BlackBerry started to evaluate the impact of Heartbleed vulnerability on their products … unfortunately,the list of affected solutions is long. So far we have discussed the Heartbleed vulnerability by not investigating which are the products on the market that really are suffering it. We realized that the Heartbleed vulnerability potentially allows any attacker to access […]
The US National Security Agency knew for at least two years about the Heartbleed flaw, and exploited it for cyber attacks according Bloomberg. The Internet community was shocked by the disclosure of the Heartbleed flaw, the vulnerability affects OpenSSL library and allows an attacker to reveal up to 64kB of memory to a connected client or […]