ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...

Curated by Gust MEES

Your new post is loading...

Scooped by Gust MEES

Scoop.it!

Bigger than Heartbleed, 'Venom' security vulnerability threatens most datacenters | CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it

From www.zdnet.com - May 13, 2015 10:54 AM

Gust MEES's insight:

Heartbleed lets an adversary look through the window of a house and gather information based on what they see," said Geffner, using an analogy. "Venom allows a person to break in to a house, but also every other house in the neighborhood as well."

Geffner said that the company worked with software makers to help patch the bug before it was publicly disclosed Wednesday. As many companies offer their own hardware and software, patches can be applied to thousands of affected customers without any downtime.

Now, he said, the big concern is companies that run systems that can't be automatically patched.

To take advantage of the flaw, a hacker would have to gain access to a virtual machine with high or "root" privileges of the system. Geffner warned that it would take little effort to rent a virtual machine from a cloud computing service to exploit the hypervisor from there.

"What an adversary does from that position is dependent on the network layout," said Geffner, indicating that a datacenter takeover was possible.

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.foxnews.com - May 10, 2014 11:07 AM

Gust MEES's insight:

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Rescooped by Gust MEES from 21st Century Learning and Teaching

Scoop.it!

From www.zdnet.fr - April 30, 2014 1:11 PM

Gust MEES's insight:

La NSA ne dévoile pas toujours les failles qu'elle découvre. Il aurait fallu être naïf pour croire le contraire, et de nombreux indices et révélations vont dans ce sens depuis des années. Cela dit, que la Maison blanche l'admette et se fende d'un billet de blog pour détailler les procédures menant à la divulgation ou à la rétention de failles, c'est nouveau.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

Gust MEES's curator insight, April 30, 2014 1:08 PM

Scooped by Gust MEES

Scoop.it!

From grahamcluley.com - April 15, 2014 10:55 AM

Gust MEES's insight:

So, the obvious question you should be considering is, are you running Jellybean 4.1.1 on your Android devices?

Here’s how you can check:

Enter System settings
Scroll the screen down to About
Look for your Android version number

read more in the article...

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.ibtimes.co.uk - April 14, 2014 11:10 AM

Gust MEES's insight:

Canadian authorities reveal that social insurance numbers for 900 taxpayers were stolen before Heartbleed Bug was fixed.

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.securityweek.com - April 12, 2014 9:16 AM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.bloomberg.com - April 11, 2014 3:52 PM

Gust MEES's insight:

The NSA’s decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts.

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Rescooped by Gust MEES from 21st Century Learning and Teaching

Scoop.it!

From www.zdnet.com - April 11, 2014 1:41 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

Gust MEES's curator insight, April 11, 2014 10:16 AM

You should also clear out all your Web browsers' cache, cookies, and history. That's never a bad idea anyway. You don't want old memorized passwords walking into trouble at an untrustworthy site. To do this with the most popular browsers...

Rescooped by Gust MEES from 21st Century Learning and Teaching

Scoop.it!

From www.wired.com - April 10, 2014 11:03 AM

Gust MEES's insight:

Either way, there are now signatures available to detect exploits against Heartbleed, as Dutch security firm Fox-IT points out on its website, and depending on how much logging companies do with their intrusion-detection systems, it may be possible to review activity retroactively to uncover any attacks going back over the last two years.

So might hear in a couple of months more then, probably!

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

Gust MEES's curator insight, April 10, 2014 11:00 AM

So might hear in a couple of months more then, probably!

Scooped by Gust MEES

Scoop.it!

From www.pcinpact.com - April 9, 2014 11:58 AM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.spiegel.de - April 9, 2014 11:34 AM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From nakedsecurity.sophos.com - April 8, 2014 2:38 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.pcwelt.de - June 23, 2014 12:27 PM

Gust MEES's insight:

Noch immer sind über 300.000 Server über die OpenSSL-Lücke Heartbleed angreifbar. Die Anzahl der ungeschützten Rechner verringert sich nur langsam.

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.silicon.fr - May 9, 2014 1:59 PM

Gust MEES's insight:

Pour trouver ce chiffre, il a scanné des millions de serveurs sur le port 443 qui est utilisé pour les communications TLS/SSL. A la découverte de la faille, plus de 600 000 serveurs étaient exposés. Robert Graham reste prudent sur ce chiffre de 320 000 en indiquant qu’il existe d’autres tests que le port 443 et qu’il peut donc y avoir plus de serveurs vulnérables.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.welivesecurity.com - April 16, 2014 9:29 AM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.chip.de - April 14, 2014 1:22 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From arstechnica.com - April 13, 2014 11:40 AM

Gust MEES's insight:

President Barack Obama has explicitly decided that when any federal agency discovers a vulnerability in online security, the agency should come forward, rather than exploit it for intelligence purposes, according to The New York Times, citing unnamed “senior administration officials.”

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.spiegel.de - April 11, 2014 4:24 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Rescooped by Gust MEES from 21st Century Learning and Teaching

Scoop.it!

From blog.trendmicro.com - April 11, 2014 1:40 PM

Gust MEES's insight:

All the extended coverage of the Heartbleed flaw begs the question, “Are mobile devices affected by this?” The short answer: yes.

The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica.

All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes.

Mobile apps, like it or not, are just as vulnerable to the Heartbleed Bug as websites are because apps often connect to servers and web services to complete various functions. As our previous blog entry has shown, a sizable number of domains are affected by this vulnerability.

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

Gust MEES's curator insight, April 11, 2014 11:47 AM

All the extended coverage of the Heartbleed flaw begs the question, “Are mobile devices affected by this?” The short answer: yes.

All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes.

Rescooped by Gust MEES from 21st Century Learning and Teaching

Scoop.it!

From mashable.com - April 11, 2014 1:42 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

Gust MEES's curator insight, April 11, 2014 10:05 AM

Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you'll need to go in and change your passwords immediately for these sites.

Even that is no guarantee that your information wasn't already compromised, but there's also no indication that hackers knew about the exploit before this week. The companies that are advising customers to change their passwords are doing so as a precautionary measure.

Scooped by Gust MEES

Scoop.it!

From grahamcluley.com - April 10, 2014 7:41 AM

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.extremetech.com - April 9, 2014 11:37 AM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

Scooped by Gust MEES

Scoop.it!

From www.zdnet.com - April 8, 2014 5:47 PM

Gust MEES's insight:

Learn more:

http://www.scoop.it/t/securite-pc-et-internet/?tag=Heartbleed

No comment yet.

ICT Security-Sécurité PC et Internet

Bigger than Heartbleed, 'Venom' security vulnerability threatens most datacenters | CyberSecurity

Internet security researchers use Heartbleed bug to target hackers

Heartbleed : la NSA ne dévoile pas toutes les failles trouvées

Up to 50 million Android devices could be vulnerable to Heartbleed attack. Here's how to check yours

Heartbleed Bug Claims First Confirmed Victims in Canada

NSA Denies Exploiting 'Heartbleed' Vulnerability

NSA Said to Have Used Heartbleed Bug, Exposing Consumers

How to protect yourself in Heartbleed's aftershocks

Has the NSA Been Using the Heartbleed Bug as an Internet Peephole?

Heartbleed, OpenSSL et la question de la sécurité expliqués simplement

OpenSSL-Sicherheitslücke: Warum "Heartbleed" Millionen Web-Nutzer gefährdet

Anatomy of a data leakage bug - the OpenSSL "heartbleed" buffer overflow

300.000 Server noch immer über Heartbleed angreifbar

Près de 320 000 serveurs encore vulnérables à la faille Heartbleed

Heartbleed claims British mums and Canadian tax payers as victims

Heartbleed-Bug: Über 1.000 Android-Apps betroffen

Obama lets NSA use zero-day flaws given “clear national security” need

Internet-Sicherheitslücke: NSA soll "Heartbleed"-Fehler systematisch genutzt haben

Heartbleed Bug—Mobile Apps are Affected Too

The Heartbleed Hit List: The Passwords You Need to Change Right Now

Heartbleed bug advice about changing your passwords

What the Heartbleed bug is, and how you can protect yourself (and your servers)

Heartbleed security patches coming fast and furious