Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
A month has passed since the existence of the OpenSSL Heartbleed bug has been shared with the public. 
No comment yet.
Sign up to comment
Scoop.it!
All the extended coverage of the Heartbleed flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica. . All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. . Mobile apps, like it or not, are just as vulnerable to the Heartbleed Bug as websites are because apps often connect to servers and web services to complete various functions. As our previous blog entry has shown, a sizable number of domains are affected by this vulnerability. .
Gust MEES's insight:
All the extended coverage of the Heartbleed flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. . The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica. . All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. . Mobile apps, like it or not, are just as vulnerable to the Heartbleed Bug as websites are because apps often connect to servers and web services to complete various functions. As our previous blog entry has shown, a sizable number of domains are affected by this vulnerability. .
Gust MEES's curator insight,
April 11, 2014 1:40 PM
All the extended coverage of the Heartbleed flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. . The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica. . All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. . Mobile apps, like it or not, are just as vulnerable to the Heartbleed Bug as websites are because apps often connect to servers and web services to complete various functions. As our previous blog entry has shown, a sizable number of domains are affected by this vulnerability. Learn more:
Scoop.it!
Heartbleed: A look at which companies have issued a security patch to fix the Heartbleed bug. Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you'll need to go in and change your passwords immediately for these sites. . Even that is no guarantee that your information wasn't already compromised, but there's also no indication that hackers knew about the exploit before this week. The companies that are advising customers to change their passwords are doing so as a precautionary measure.
Gust MEES's insight:
Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you'll need to go in and change your passwords immediately for these sites. . Even that is no guarantee that your information wasn't already compromised, but there's also no indication that hackers knew about the exploit before this week. The companies that are advising customers to change their passwords are doing so as a precautionary measure.
|
Scoop.it!
Recently, a report has emerged on the fact that certain applications available on Android are vulnerable to the Heartbleed Bug, and it seems that more... Moreover, the team claims that the issue is present even on handsets and tablets that do not run under the affected platform iteration itself. Learn more:
Gust MEES's insight:
Moreover, the team claims that the issue is present even on handsets and tablets that do not run under the affected platform iteration itself. Learn more:
Scoop.it!
The companies know what to do about Heartbleed now. Here's what you, as an individual, need to do now. . You should also clear out all your Web browsers' cache, cookies, and history. That's never a bad idea anyway. You don't want old memorized passwords walking into trouble at an untrustworthy site. To do this with the most popular browsers...
Gust MEES's insight:
You should also clear out all your Web browsers' cache, cookies, and history. That's never a bad idea anyway. You don't want old memorized passwords walking into trouble at an untrustworthy site. To do this with the most popular browsers...
Scoop.it!
The Heartbleed bug is unusually worrisome because it could possibly be used by the NSA or other spy agencies to steal your usernames and passwords — for sensitive services like banking, ecommerce, and web-based email — as well as the private keys that vulnerable web sites use to encrypt your traffic to them. Either way, there are now signatures available to detect exploits against Heartbleed, as Dutch security firm Fox-IT points out on its website, and depending on how much logging companies do with their intrusion-detection systems, it may be possible to review activity retroactively to uncover any attacks going back over the last two years.
Gust MEES's insight:
Either way, there are now signatures available to detect exploits against Heartbleed, as Dutch security firm Fox-IT points out on its website, and depending on how much logging companies do with their intrusion-detection systems, it may be possible to review activity retroactively to uncover any attacks going back over the last two years. So might hear in a couple of months more then, probably!
Gust MEES's curator insight,
April 10, 2014 11:03 AM
Either way, there are now signatures available to detect exploits against Heartbleed, as Dutch security firm Fox-IT points out on its website, and depending on how much logging companies do with their intrusion-detection systems, it may be possible to review activity retroactively to uncover any attacks going back over the last two years. So might hear in a couple of months more then, probably! Learn more: |
Given that this open-source implementation of the SSL and TLS protocols is used in many operating system and apps, not to mention being the default encryption engine for popular Web server software, it's a given that fixing this mess will take some time.