Apr 19
Heartbleed, the gaping flaw
Apr 18
Half of the top ten Android smartphones susceptible to Heartbleed hacks are made by HTC, security research firm Lookout claims, with phones like the HTC One X+ and Desire X … Continue reading
Apr 18
By now, you’ve read all about Heartbleed nerdy brave computer scientists have run it, so you don’t have to.
Apr 16
We have heard about the Heartbleed bug in recent times, as well as denials by at least one entity (the NSA, no less) concerning knowledge about the existence of such a vulnerability without informing the masses. Well, it seems that there has been a Heartbleed attack that has resulted in a loss of taxpayer data from Canada’s tax agency website. Apparently, a 19-year old Canadian man is the culprit who has been charged by the Royal Canadian Mounted Police .
According to the Royal Canadian Mounted Police, Stephen Arthuro Solis-Reyes was picked up from his residence on Tuesday, where has been charged with unauthorized use of a computer as well as mischief in relation to data. After performing a search on his residence, the police seized some of his computer equipment – presumably for evidence purposes. A spokesman for the Western University did share that Solis-Reyes is a computer science student there. I guess there is a line between using and abusing one’s brilliance in any chosen field, no?
The Canada Revenue Agency did shut down their publicly accessible website last Friday after learning about the Heartbleed computer bug, and on Monday, they disclosed that up to 900 social insurance numbers were compromised. How has Heartbleed affected your day to day life?
Heartbleed Attack Results In Stolen Taxpayer Data , original content from Ubergizmo, Filed in Computers, heartbleed,
Apr 16
In what’s sure to be the first of many to come, a 19-year-old Canadian man was arrested for exploiting the Heartbleed
Apr 15
Heartbleed is causing heartache on hundreds of servers all over the internet, but security researchers have also warned that the bug could allow direct hacks of Android, too. Here’s how to check if your device is at risk.
Apr 14
BlackBerry Security Patches For iOS And Android BBM Apps To Prevent Heartbleed Exploits
Posted in: Today's ChiliAlthough BlackBerry might not be the smartphone company that everyone would want to support blindly at this point in time, or would root for in terms of making a comeback in the smartphone industry, credit must be given where it is due. You can say that BlackBerry has been one of the leaders in mobile security, but it still has had its apps affected by the Heartbleed bug.
While majority of the BlackBerry products out there do not use the targeted software, what remains vulnerable to the Heartbleed bug would include the likes of Secure Work Space corporate email, BBM for iOS and BBM for Android. BlackBerry Senior Vice President Scott Totzke did mention that hackers are able to use a Wi-Fi connection or over a carrier network to break into those apps, but the risk of an attack remained small and would need to be carried out within a narrow window of opportunity.
Better to err on the side of caution, BlackBerry has plans to roll out security patches for both BBM apps on the iOS and Android platforms, although they have yet to reveal just when these updates would be sent out exactly. I guess we will just have to sit tight and wait in this case.
BlackBerry Security Patches For iOS And Android BBM Apps To Prevent Heartbleed Exploits , original content from Ubergizmo, Filed in Cellphones, BlackBerry, heartbleed,
Apr 14
Amidst the Heartbleed bug hoopla this month was a claim the NSA knew about and actively exploited the vulnerability, something the agency soon denied. Apparently in line with that claim, … Continue reading
Apr 14
The NSA is an organization that has its fair share of detractors, where we did mention how the NSA was aware of the Heartbleed vulnerability for years at the end of last week. It seems as though the US National Security Agency (NSA) has stepped forward to deny any knowledge of the Heartbleed online security flaw since, touting that they do not know and were not aware of the flaw in OpenSSL which could be exploited to harvest data.
Just a side note here for the uninitiated – OpenSSL happens to be an online-data scrambling software that is used to protect sensitive data, with passwords being one of them. It was in 2013 that NSA leaker Edward Snowden claimed the NSA themselves introduced vulnerabilities to security software on purpose, which has led to such speculation that has since been denied by the NSA.
In fact, Robin Seggelman, a German computer programmer, has already stepped forward to accept responsibility for the Heartbleed bug’s existence, saying, “It’s tempting to assume that, after the disclosure of the spying activities of the NSA and other agencies, but in this case it was a simple programming error in a new feature, which unfortunately occurred in a security-relevant area. It was not intended at all, especially since I have previously fixed OpenSSL bugs myself, and was trying to contribute to the project.”
Well, there you have it – Heartbleed stemmed from Seggelman’s effort in making amends to the OpenSSL cryptographic library at the end of 2011.
NSA Denies Knowledge Of Heartbleed Vulnerability , original content from Ubergizmo, Filed in Computers, heartbleed, nsa,
Apr 14
Over the weekend, it was revealed that President Obama thinks that when the National Security Agency discovers major flaws in Internet security, they should be allowed to exploit it if there’s a "a clear national security or law enforcement need."
Who's in charge here?
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.