It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.
It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at
Posted in hacking news, Heartbleed bug, Heartbleed OpenSSL Venerability, OpenSSL, OpenSSL Heartbleed, OpenSSL vulnerability, server hacking, Shodan search engine, website hacking | Comments (0)
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.
The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.
The vulnerability, reported by Robert Święcki of the Google Security Team on
Posted in ddos attack, dos attack, OpenSSL, OpenSSL vulnerability, secure communication, SSL Certificate, SSL encryption, website security | Comments (0)
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.
OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well
Posted in ddos attack, denial-of-service attacks, digital Certificate, dos attack, hacking news, OpenSSL, OpenSSL vulnerability, SSL Certificate, Vulnerability | Comments (0)
The mysterious security vulnerability in the widely used OpenSSL code library is neither HeartBleed nor FREAK, but it’s critical enough to be patched by sysadmins without any delay.
OpenSSL Foundation released the promised patch against a high severity vulnerability in OpenSSL versions 1.0.1n and 1.0.2b, resolving a certificate forgery issue in the implementations of the crypto protocol.
Posted in CVE-2015-1793, hacking news, OpenSSL, OpenSSL vulnerability, SSL TLS security, Vulnerability, website security, Zero-Day Vulnerability | Comments (0)
Attention Please! System Administrator and anyone relying on OpenSSL should be prepared to switch to a new version of the open-source crypto library that will be released this Thursday 9th July.
OpenSSL is a widely used open-source software library that provides encrypted Internet connections using SSL/TLS for majority of websites, as well as other secure services.
The new versions of
Posted in hacking news, Heartbleed bug, HTTPS encryption, OpenSSL, OpenSSL vulnerability, POODLE SSL Attack, SSL TLS security, SSL vulnerability, Vulnerability | Comments (0)