A major new security vulnerability called "Heartbleed" was discovered on monday night with severe implications to the entire web. The bug can scrape an entire server's memory, where sensitive data is stored,including private data such as user names, passwords, credit card numbers and so on.
This is an EXTREMELY serious issue that has affected about 500,000 servers, according to Netcraft, an internet research firm.
This is an EXTREMELY serious issue that has affected about 500,000 servers, according to Netcraft, an internet research firm.
The problem is in open source software, openSSL, which is widely used to encrypt web communications.
According to this tweet by Ronald Prins, yahoo is absolutely vulnerable to the heartbleed bug (assigned CVE-2014-0160)
We were able to scrape a Yahoo username & password via the Heartbleed bug. Censored example in our blog:http://t.co/iBPqitjAFa
— Ronald Prins (@cryptoron) April 8, 2014
for more information as to the bug, as well as a tester to check the vulnerability of a server, go HERE
By: Ezekiel.T.Ogidan
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.