OpenSSL Patch Gets Patched
The OpenSSL patch issued on Sept. 22 was meant to fix a vulnerability, but it only caused more problems. The Sept. 26 update fixed the outstanding issues.
OpenSSL Keys Are Vulnerable to a Smartphone Listening Exploit
A simple hardware listening system can expose the OpenSSL crypto keys used for smartphones to cybercriminals, putting users at risk.
OpenSSL Can Be DROWNed by New Vulnerability
OpenSSL is vulnerable to DROWN, an attack based on support for the obsolete SSLv2 protocol, which leaves OpenSSL programs at risk.
LinuxCon: CII Program Will Give Badges to Open Source Projects With Strong Security
Open source projects have gotten a bad rap in security circles thanks to Heartbleed and other flaws, but an industry consortium may change that.
Could Open-Source ‘Census Project’ Prevent the Next OpenSSL Flaw?
The Core Infrastructure Initiative has released a ranking of open-source tools that should help the industry avoid problems in OpenSSL and similar tools.
New OpenSSL Releases Clear Logjam, Target Minor Flaws
Multiple new OpenSSL releases finally clear the Logjam flaw and address other low-to-moderate vulnerabilities plaguing the encryption software.
CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land
Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.
Shellshock: Where the Bash Bug Could Hit the Hardest
The Bash bug, a new vulnerability known as Shellshock, could have a sizable impact on an untold number of devices, according to security experts.
How to Improve Asset Management for Risk Assessment and Control
Asset management can be improved when responsibilities are shared and the inventory system is established, frequently updated and quickly actionable.
Backoff Hacker Tool: Secret Service Warns Target Malware Still Active
According to a recent Secret Service and Department of Homeland Security release, the Backoff hacker tool is still alive and well in American POS systems.