Palo Alto Networks Addresses Heartbleed Vulnerability (CVE-2014-0160)

Palo Alto Networks Addresses Heartbleed Vulnerability (CVE-2014-0160)

A critical vulnerability in OpenSSL (CVE-2014-0160: OpenSSL Private Key Disclosure Vulnerability) was recently disclosed, which affects servers running OpenSSL 1.0.1 through 1.0.1f, estimated at ”over 17% of SSL web servers which use certificates issued by trusted certificate authorities.” The vulnerability essentially compromises the integrity of SSL encryption, allowing attackers to steal sensitive data from this secure channel. [...]

More Than A Half-Million Servers Exposed To Heartbleed Flaw

More Than A Half-Million Servers Exposed To Heartbleed Flaw

What the newly exposed SSL/TLS threat really means for enterprises and end-users. The newly exposed Heartbleed bug plaguing some 17 percent of SSL-secured websites as well as various VPN products has caused a massive case of Internet heartburn over the past 48 hours as companies rushed to confirm their exposure and lock down their SSL/TLS software. But [...]

Heartbleed and the Internet of Things implications

Heartbleed and the Internet of Things implications

Chances are good you have already seen news about the OpenSSL Heartbleed vulnerability (i.e., CVE-2014-0160). It's a pretty significant bug, particularly since it impacts popular open-source web servers such as Apache (the most popular web server) and Nginx. This means that a combined population of up to 66 percent of the Internet is potentially impacted (based on data from [...]