Archive for the ‘OpenSSL vulnerability’ Category

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

January 23rd, 2017

It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.

It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at

Posted in hacking news, Heartbleed bug, Heartbleed OpenSSL Venerability, OpenSSL, OpenSSL Heartbleed, OpenSSL vulnerability, server hacking, Shodan search engine, website hacking | Comments (0)

OpenSSL Releases Patch For “High” Severity Vulnerability

November 10th, 2016

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.

The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.

The vulnerability, reported by Robert Święcki of the Google Security Team on

Posted in ddos attack, dos attack, OpenSSL, OpenSSL vulnerability, secure communication, SSL Certificate, SSL encryption, website security | Comments (0)

Critical DoS Flaw found in OpenSSL — How It Works

September 23rd, 2016

The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.

OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well

Posted in ddos attack, denial-of-service attacks, digital Certificate, dos attack, hacking news, OpenSSL, OpenSSL vulnerability, SSL Certificate, Vulnerability | Comments (0)

Critical OpenSSL Flaw Allows Hackers to Impersonate Any Trusted SSL Certificate

July 9th, 2015

The mysterious security vulnerability in the widely used OpenSSL code library is neither HeartBleed nor FREAK, but it’s critical enough to be patched by sysadmins without any delay.

OpenSSL Foundation released the promised patch against a high severity vulnerability in OpenSSL versions 1.0.1n and 1.0.2b, resolving a certificate forgery issue in the implementations of the crypto protocol.

Posted in CVE-2015-1793, hacking news, OpenSSL, OpenSSL vulnerability, SSL TLS security, Vulnerability, website security, Zero-Day Vulnerability | Comments (0)

OpenSSL to Patch Undisclosed High Severity Vulnerability this Thursday

July 7th, 2015

Attention Please! System Administrator and anyone relying on OpenSSL should be prepared to switch to a new version of the open-source crypto library that will be released this Thursday 9th July.

OpenSSL is a widely used open-source software library that provides encrypted Internet connections using SSL/TLS for majority of websites, as well as other secure services.

The new versions of

Posted in hacking news, Heartbleed bug, HTTPS encryption, OpenSSL, OpenSSL vulnerability, POODLE SSL Attack, SSL TLS security, SSL vulnerability, Vulnerability | Comments (0)