Displaying items by tag: Heartbleed

The open-source OpenSSL project has released an updated version of its software, 1.1.1k, to fix two vulnerabilities, the severity of both of which has been described as "high".

The OpenSSL project is seeking to go ahead with a change of licence to the Apache Licence Version 2.0 but the way it is doing so appears to have riled up some contributors.

A 2014 vulnerability in OpenSSL is yet to be patched in about 200,000 Web-facing devices, according to figures from the Shodan search engine.

The worst thing about a distributed denial of service attack is not the attack itself. Rather, it is the slew of bottom-feeders who appear on the horizon after the deed and try to profit from the misery of others.

Creating backdoors in software so that governments can snoop on users is the worst possible thing to do from a security point of view, according to Jeff Hudson, the head of US security firm Venafi.

Human error has been identified as the key vulnerability of cyber security and a major threat to data privacy, according to the security chief of one global security firm.

The Australian Competition and Consumer Commission has issued an apology to its email subscribers after it inadvertently published their email addresses and made them publicly available last week.

Heartbleed is potentially one of the biggest threats to the Internet we've seen - a software bug that may compromise secure communications over the Internet via a vulnerability in the OpenSSL protocol. But what is it? And what should you be doing to protect yourself?

Australia's consumer and competition watchdog the ACCC has been hacked, with personal data, including email addresses, potentially stolen.

A potentially devastating flaw in in OpenSSL, which is used to protect and secure millions of websites, has been uncovered by security researchers.