NSA Apparently Knew About Heartbleed Vulnerability For Years [Report]

NSA Apparently Knew About Heartbleed Vulnerability For Years [Report]The Heartbleed bug has making a lot of waves recently and for those unfamiliar, it’s a vulnerability with the OpenSSL technology that could have potentially affected at least two-thirds of the internet, since many web services and online companies take advantage of the technology and implement it on their websites.

Now this vulnerability has been around for years but it was only recently that it was discovered, or was it? According to Bloomberg, they cite “two people familiar with the matter” who claims that this is actually an issue that the NSA has discovered and has exploited the flaw for years. They claim that the NSA has since been using this flaw to gather critical intelligence and have been doing so on a regular basis. (more…)

  • Follow: Web, heartbleed, , ,
  • NSA Apparently Knew About Heartbleed Vulnerability For Years [Report] original content from Ubergizmo.

    NSA denies Heartbleed knowledge and exploitation

    The NSA has denied knowledge of the Heartbleed bug, following allegations that not only did the security agency discover the exploit two years ago, but that it opted to keep … Continue reading

    NSA exploited Heartbleed for two years claim insiders [Updated]

    The NSA has not only known about the Heartbleed bug for at least two years, but exploited it in regular surveillance attacks, insider sources have alleged, opting to keep the … Continue reading

    Report: NSA Used Heartbleed to Spy on People for Years

    Report: NSA Used Heartbleed to Spy on People for Years

    It’s true. After days of speculation over whether the NSA knew about the Heartbleed vulnerability that affected as many as two thirds of the websites on the internet, two anonymous sources tell Bloomberg that the NSA didn’t just know about it, they used it to gather intelligence.

    Read more…




    How a Great Logo Helped Make You Actually Care About Heartbleed

    How a Great Logo Helped Make You Actually Care About Heartbleed

    You might not understand the how Heartbleed works , but you definitely heard about it this week. And with it, that drippy, maroon, bleeding heart logo—which is part of what made the story so memorable. In fact, the way Heartbleed was presented by the team that discovered it is a model for how technology issues should be communicated to the public.

    Read more…




    Heartbleed Affects Routers, Too

    Heartbleed Affects Routers, Too

    Some more heartache from Heartbleed: it affects routers, too. Cisco Systems and Juniper Networks have announced that the security hole that is Heartbleed has been found in their networking equipment.

    Read more…




    Apple’s iOS, OS X, And “Key Web-Based Services” Not Affected By Heartbleed Flaw

    Apples iOS, OS X, And Key Web Based Services Not Affected By Heartbleed FlawBy now we’re sure many of you guys have heard of a certain security flaw called Heartbleed. For those unfamiliar, the Heartbleed vulnerability was discovered in the OpenSSL technology, which is a set of encryption software that is typically used by internet services and companies to help safeguard user information, and is apparently used on more than two-thirds of the internet, thus making the threat very real and very scary.

    Many companies have since come forward to either confirm or deny that their services might have been affected, and for the most part many users have taken to changing their passwords used for online services just to be extra safe. Now the good news for Apple users is that the Cupertino company has since come forward and stated that none of their products or “key web services” have been affected by this flaw.

    This was confirmed by an Apple spokesperson in a statement to Re/code. According to the statement made, “Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected.” It should be noted that Apple is one of the few major tech companies not affected by this vulnerability, at least that’s what they claim.

    There are some like Facebook, Google, and Yahoo who have used the OpenSSL technology and have admitted that there could be periods of time when they might have been vulnerable to the Heartbleed flaw. Like we said, it’s best to go ahead and update your passwords just to be on the safe side.

    In the meantime, the folks at Mashable have compiled a list of websites and services that may or may not have been affected by the flaw, so if you want to see if the websites and services you frequent are affected, head on over for the details.

    Apple’s iOS, OS X, And “Key Web-Based Services” Not Affected By Heartbleed Flaw , original content from Ubergizmo, Filed in Apple, heartbleed, , ,



    How Secure Are Your Favorite Websites?

    How Secure Are Your Favorite Websites?

    Heartbleed is a scary thing. Aside from the violent-sounding name, the vulnerability in OpenSSL security protocols spans the entire internet and affects most of the sites we know, love, and use on a daily basis. Even outside of Heartbleed, not all security protocols are created equal. So how do you know who to trust?

    Read more…




    The Heartbleed-Vulnerable Passwords You Need to Change Right Now

    The Heartbleed-Vulnerable Passwords You Need to Change Right Now

    By now, chances are you’ve already heard about the preposterously huge security hole in SSL. You’ve also probably heard how it could easily have left you exposed to all sorts of nefarious activity over the past few years. Now, thanks to Mashable, we also have a better idea of exactly which websites had the flaw.

    Read more…




    Reset Your Passwords After Heartbleed Bug Makes The News

    Reset Your Passwords After Heartbleed Bug Makes The NewsI am quite sure that many of us have already read about the Heartbleed bug that has raised quite a sheer amount of panic among some members of the populace, although cooler heads have also prevailed in the process. In fact, some technology firms have urged folks to make changes to their passwords – all of them, after stumbling across this major security flaw. Heartbleed basically allows one to access data that was previously thought to be protected by OpenSSL, the encryption software that is used by internet services across a broad spectrum.

    Professor David Stupples of City University have urged folks to make changes to their passwords when it comes to online services including emails and of course, banking. Yahoo blogging platform Tumblr too, has not ignored the gravity of such a bug, having advised the masses to “change your passwords everywhere – especially your high-security services like email, file storage and banking”.

    Who would have thought that a product which was used to safeguard data could actually have been compromised, resulting in the ability to “eavesdrop” digitally? What was meant to protect is now a threat, so it would be a good time to think of the many alphanumeric passwords for you to use with your numerous online accounts for the umpteeth time. Let’s face it, gone are the days when JohnDoer0xX!11! can be your password that will last for the next 20 years.

    Reset Your Passwords After Heartbleed Bug Makes The News , original content from Ubergizmo, Filed in Computers, , heartbleed,