Vendors address the Heartbleed bug
Which products and services are affected by the Heartbleed bug in OpenSSL? Vendors have started issuing security advisories telling users which of their products are safe and …
The effect of the Heartbleed bug on open source projects
The Heartbleed bug in OpenSSL is all the information security world is talking about these days. Many are beginning to realize, its existence has opened multiple cans of …
Heartbleed bug: What regular users need to do
As the news of the existence of the Heartbleed bug in OpenSSL and the implications of its existence trickles down into mainstream media, users are trying to figure out what …
How does the Heartbleed bug affect me?
By now, you have surely heard about the “Heartbleed” bug discovered in Open SSL, and you’re wondering how its existence affects you. The situation is, …
Heartbleed OpenSSL vulnerability: A technical remediation
OpenSSL released an bug advisory about a 64kb memory leak patch in their library. The bug has been assigned CVE-2014-0160 TLS heartbeat read overrun. According to OpenSSL, the …
OpenSSL “Heartbleed” bug undermines widely used encryption scheme
OpenSSL, an open-source cryptographic library that is the default encryption engine for popular Web server software and is used in many popular operating system and apps, …
Protecting data against unwanted surveillance
Network security has been in the spotlight more than ever the past few months, and for good reason. We’ve seen many scary headlines that have put the pressure on …
GnuTLS library flaw opens way for MitM attacks
A critical cryptographic bug similar to the one recently discovered in iOS and OS X has been revealed to exist in the GnuTLS code library, widely used in open source software …
Apple finally patches critical SSL flaw in OS X
Apple has released an update for OS X that, among other things, patches the infamous “gotofail” bug whose existence was publicly revealed last Friday. The flaw was …
Identify and fix vulnerabilities in your SSL certificates
DigiCert announced DigiCert Certificate Inspector, a tool designed to quickly find problems in certificate configuration and implementation, and provide real-time analysis of …
Fake SSL certificates used to impersonate Facebook, Google, banks
Analysts with UK-based Internet research firm Netcraft have discovered a considerable number of fake SSL certificates in the wild, created to impersonate banks, social …
Yahoo Mail now has HTTPS on by default
With a short blog post, Yahoo’s SVP of Communication Products Jeff Bonforte has announced that the company has started encrypting all connections between their users and …