Share this post with Digg

An anonymous reader writes “Since the announcement malicious actors have been leaking software library data and using one of the several provided PoC codes to attack the massive amount of services available on the internet. One of the more complicated issues is that the OpenSSL patches were not in-line with the upstream of large Linux flavors. We have had a opportunity to review the behavior of the exploit and have come up with the following IDS signatures to be deployed for detection

Heartbleed-genesis

The Internet bug known as Heartbleed was introduced to the world on New Year’s Eve in December 2011. Now, one of the people involved is sharing his side of the story

The Bleeding Hearts Club: Heartbleed Recovery for System Administrators

EFF.org Updates by Starchy Grant and David Grant

The Heartbleed SSL vulnerability presents significant concerns for users and major challenges for site operators. This article presents a series of steps server and site owners should carry out as soon as possible to help protect the public. We acknowledge that some steps might not be feasible, important, or even relevant for every site, so the steps are given in order both of their importance and the order they should be carried out

 

What does Heartbleed mean for journalists?

Nieman Journalism Lab by Caroline O’Donovan

Yes, you need to reset all your passwords. But what are the specific impacts for journalists regarding the Heartbleed security breach announced yesterday? For Source (and also the ProPublica Nerd Blog), Mike Tigas has a breakdown.

Why Heartbleed Is the Ultimate Web Nightmare

Mashable! by Christina Warren Heartbleed_nightmare

It’s easy to want to think the reaction to the Heartbleed OpenSSL vulnerability is overblown; Sadly, it’s not. Heartbleed is bad. It’s not hyperbole; it’s a major problem

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013?

EFF.org Updates by Peter Eckersley and Peter Eckersley

Yesterday afternoon, Ars Technica published a story reporting two possible logs ofHeartbleed attacks occurring in the wild, months before Monday’s public disclosure of the vulnerability. It would be very bad news if these stories were true, indicating that blackhats and/or intelligence agencies may have had a long period when they knew about the attack and could use it at their leisure.

 

After ?Catastrophic? Security Bug, the Internet Needs a Password Reset

Wired Top Stories

Security experts are calling Heartbleed, a bug in the internet?s infrastructure, the worse thing they?ve seen in years. The bug is such problem, it may require what amounts to a massive password reset for the internet at large.

Has the NSA Been Using the Heartbleed Bug as an Internet Peephole?

Wired Top Stories

The Heartbleed bug is unusually worrisome because it could possibly be used by the NSA or other spy agencies to steal your usernames and passwords ? for sensitive services like banking, ecommerce, and web-based email ? as well as the private keys that vulnerable web sites use to encrypt your traffic to them

Many Devices Will Never Be Patched to Fix Heartbleed Bug

MIT Technology Review

Home automation systems and networking equipment vulnerable to a major encryption flaw are unlikely to be fixed.

 

US set to boycott Brazil’s global Internet governance plans

ZDNet

A document released by WikiLeaks this week revealed that spying activities carried out by the United States will be condemned at Brazil’s upcoming global Internet governance event – but the proposals will face strong opposition from the United States

Online digital archives at risk

AL JAZEERA ENGLISH (IN DEPTH)

Some digital archivists warn of a ‘bit rot’ where pieces of internet information erase themselves over time.

Geo-Mapping Tools and Data Analysis Redefine Reporting in Africa

Global Voices Online by Ndesanjo Macha

Two media projects in Africa are using geo-mapping tools to expose eco-offenses, track organised crime syndicates in southern Africa and redefine development reporting.

The Reason Twitter Wants to Look Like Facebook: Your Parents

Wired Top Stories

There’s blatant imitation, and then there’s thoughtful strategy. At first blush, Twitter?s new redesign — which debuted Tuesday morning on The Today Show — looks a bit like a Facebook rip-off. But if you take a closer look, you’ll see it’s also a pretty good business move.

Information requests flood NSA post-Snowden

AL JAZEERA ENGLISH (IN DEPTH)

Al Jazeera obtains access to full list of Freedom of Information Act queries submitted to US security agency

 

STUDY: Instagram Is Most Important To Teens

All Facebook by David CohenPiperJaffrayChart650

 

Enhanced by Zemanta

Tagged in: , , ,

%d bloggers like this: