Collaborate Disseminate
It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.
It was one of the bigg… Continue reading Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug
As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.
The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.
The vulnerability, reported by Robert Święcki of the Google Security Team on
Continue reading OpenSSL Releases Patch For “High” Severity Vulnerability
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks.
OpenSSL is a widely used open-source cryptographic library that… Continue reading Critical DoS Flaw found in OpenSSL — How It Works
OpenSSL has released a series of patches against six vulnerabilities, including a pair of high-severity flaws that could allow attackers to execute malicious code on a web server as well as decrypt HTTPS traffic.
OpenSSL is an open-source cryptographi… Continue reading High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic
A new deadly security vulnerability has been discovered in OpenSSL that affects more than 11 Million modern websites and e-mail services protected by an ancient, long deprecated transport layer security protocol, Secure Sockets Layer (SSLv2).
Dubbed… Continue reading DROWN Attack — More than 11 Million OpenSSL HTTPS Websites at Risk