Two Major OpenSSL Vulnerabilities Identified, Patch Coming Soon
Just last year, a major vulnerability in the OpenSSL protocol caused a lot of concern for internet traffic all around. Not only are nearly all sites protected by OpenSSL, but various web apps and other third-party platforms rely on this security standard as well. And even though heartbleed had been fixed for a while now, there are other vulnerabilities that need to be patched sooner rather than later. On Thursday – two days from the time of publication – a new version of OpenSSL will be released to the public that contains two major vulnerability patches. Considering the fact that most....
Related News
It is always positive to see technology giants patch security vulnerabilities before they can be exploited by assailants, and Microsoft has done exactly that. Seven vulnerabilities have been patched, shutting the door for malware and ransomware infections through these security flaws. Microsoft Tackles Badlock Bug With New Patch. Although it is all but impossible to completely secure an operating system, Microsoft has taken out several attack vectors assailants might have wanted to exploit in the coming months. A bunch of security fixes has been released to close various security....
Those wanting to support the OpenSSL project can now make donations in bitcoin, as well as via more traditional means of payment. First released in 1998, OpenSSL is a commercial-grade, open-source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general purpose cryptography library. Currently at version 1.0.1g, and with 1.0.2 currently in beta, it is estimated that OpenSSL is now used on two-thirds of all web servers. However, the OpenSSL project is headed by a relatively small team with just one full-time....
Bitcoin Core version 0.9.1 has been released to update the core OpenSSL library to the bugfixed version 1.0.1g. The Bitcoin Core security update to version 0.9.1 comes less than 24 hours after an announcement of the discovery of the Heartbleed Bug. Specifically, the OpenSSL Heartbleed Bug could reveal partial memory contents related to an encrypted SSL/TLS session to an attacker. In the case of Bitcoin, this means that private keys may be revealed. Specific Vulnerabilities. Any Bitcoin Core GUI that uses a vulnerable version of the OpenSSL library could be vulnerable to the following....
This week on CCN, we learned about the massive Heartbleed bug, the potential future of Bitcoin with sidechains, SecondMarket's new bitcoin investment fund, exciting new Bitcoin services, and more. Check out some of our top stories this week (7 April - 13 April) on this CCN Week in Review. [youtube http://www.youtube.com/watch?v=WHbL4xmbGts?rel=0]. Hacker Exploits Heartbleed Bug in BTCJam Heist. A programming error in OpenSSL versions 1.0.1 - 1.0.1f is causing panic across the Internet. Heartbleed is a very serious vulnerability in the OpenSSL cryptographic library. OpenSSL is used....
Bitcoin Core Version 0.9.1 is out and it has addressed the Heartbleed OpenSSL vulnerability, also known as CVE-2014-0160. The vulnerability has been patched by major bitcoin exchanges in a matter of hours. In case you missed it, Heartbleed is a pretty big deal in the security community. The crypto bug in OpenSSL (an open-source implementation of the SSL and TLS internet security protocols that encrypt and secure internet traffic) has opened up two thirds of the web to eavesdropping. It was uncovered earlier this week and many observers described it as nothing short of catastrophic. Bitcoin....