Heartbleed bug still a threat after flawed patches

  • 11 May 2014

by Alex Hamilton
 
Rush to patch Heartbleed bug causes sites to make dangerous errors.
The majority of sites that attempted to protect themselves against Heartbleed have ended up no better for it, while some are actually more vulnerable than before. 
Following Heartbleed's reveal on 7 April, sites scrambled to patch their OpenSSL installations and revoke their old certificates.
Now, data from a study conducted by Netcraft shows that many sites haven’t done enough to fully protect themselves from the bug.
Some 30,000 sites revoked their old certificates but did not replace their private keys, according to Netcraft. If these keys had been compromised it renders replacing the certificates moot: having the key allows a hacker to decrypt sensitive information and perform man-in-the-middle attacks.
 
 
At least because of the reasons mentioned in the article, the Heartbleed issue remains open and users should still maintain an increased caution.
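
The failure Netcraft describes in the quoted article (a certificate revoked and reissued without replacing the private key) can be checked by comparing the SubjectPublicKeyInfo of the old and new certificates. This is an added example, not part of the original post or article; `der` and `toy_cert` are hypothetical helpers that build constructed, unsigned certificate-shaped DER so the check runs offline.

```python
import hashlib

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the DER element at offset off."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, off, off + length

def spki_fingerprint(cert_der):
    """SHA-256 of the SubjectPublicKeyInfo inside an X.509 certificate."""
    _, start, _ = read_tlv(cert_der, 0)            # Certificate
    _, pos, tbs_end = read_tlv(cert_der, start)    # tbsCertificate
    tag, _, end = read_tlv(cert_der, pos)
    if tag == 0xA0:                                # optional [0] version
        pos = end
    for _ in range(5):  # serialNumber, signature, issuer, validity, subject
        _, _, pos = read_tlv(cert_der, pos)
    tag, _, end = read_tlv(cert_der, pos)
    if tag != 0x30 or end > tbs_end:
        raise ValueError("SubjectPublicKeyInfo not found")
    return hashlib.sha256(cert_der[pos:end]).hexdigest()

def key_reused(old_cert_der, new_cert_der):
    """True when the reissued certificate still carries the old public key."""
    return spki_fingerprint(old_cert_der) == spki_fingerprint(new_cert_der)

# Constructed sample data: unsigned, certificate-shaped DER (not real certs).
def der(tag, content):
    n = len(content)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + content

def toy_cert(serial, key_bytes):
    # One placeholder AlgorithmIdentifier is reused everywhere for brevity.
    alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d01010b")) + der(0x05, b""))
    spki = der(0x30, alg + der(0x03, b"\x00" + key_bytes))
    dates = der(0x30, der(0x17, b"140401000000Z") * 2)
    name = der(0x30, b"")
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, bytes([serial]))
              + alg + name + dates + name + spki)
    return der(0x30, tbs + alg + der(0x03, b"\x00" * 9))

OLD = toy_cert(1, b"A" * 32)
REISSUED_SAME_KEY = toy_cert(2, b"A" * 32)   # new serial, old key
REISSUED_NEW_KEY = toy_cert(2, b"B" * 32)    # new serial, new key
```

For real certificates, `ssl.PEM_cert_to_DER_cert` from the standard library converts a PEM file's text into the DER bytes these functions expect.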

1 reply

The following article is an update on Heartbleed
(Heartbleed still a critical threat)
 
Author: Zeljka Zorz, HNS Managing Editor / Posted on 29 August 2014.
 
Cyber attackers have been quick to exploit the Heartbleed OpenSSL bug, to the tune of hundreds of thousands of attacks per day in the week after the public revelation of its existence, the statistics shared in the latest quarterly IBM X-Force Threat Intelligence report have shown.

"Much emphasis has been placed on preparing for and mitigating zero-day attacks, but in the case of Heartbleed, a more interesting study occurs after disclosure, when both attackers and enterprises are racing against the clock," noted Leslie Horacek, threat response manager for IBM X-Force security research group.

"IBM’s Managed Security Services (MSS) witnessed attackers immediately retooling and exploiting the bug on a global scale," she shared, and attacks came fast and thick:

http://www.net-security.org/images/articles/hb-ibm-29082014-small.jpg

Less than two weeks after, the number of attacks attempting to exploit the bug has dropped considerably, but is still significant. "MSS sees an average of 7,000 attacks per day across a large attack surface," it is noted in the report (registration required).

 
Help Net Security, full article here: http://www.net-security.org/secworld.php?id=17312
