Heartbleed


Also found in: Dictionary, Wikipedia.
Related to Heartbleed: Shellshock, OpenSSL

Heartbleed

A bug in the widely used OpenSSL Internet security protocol that was discovered on April 1, 2014. Heartbleed enabled a large amount of memory (RAM) to be accessed, which could disclose passwords and private keys. Although a patch was forthcoming in a matter of days, more than a half million Web servers were vulnerable until the patch was applied. See OpenSSL, SSL and TLS.
Mentioned in ?
References in periodicals archive ?
StealthWatch Labs relentlessly investigates attacker motives and methods to both educate customers and incorporate enhanced threat protection capabilities into the StealthWatch System, especially in the face of large-scale attacks like Heartbleed and CryptoLocker.
Dropbox's good business intentions has recently been slammed with criticisms after posting a blog in its users' forum announcing its servers is vulnerable to the Heartbleed bug, a Web encryption flaw that worries millions of Internet users worldwide for fear that their most private online data will be hacked, stolen and misused without their prior knowledge.
OpenSSL project, where faulty coding resulted in the HeartBleed flaw which has
clsrd) Washington Post reported , "Efforts to fix the notorious Heartbleed bug threaten to cause major disruptions to the Internet over the next several weeks as companies scramble to repair encryption systems on hundreds of thousands of Web sites at the same time.
In a recent development, Nokia pledged to help the OpenSSL Project in its fight against future vulnerabilities like Heartbleed by making a substantial financial donation and becoming the Project s first Platinum sponsor.
The recent HeartBleed security flaw is putting the open source approach under the microscope.
Millions of Android devices could be vulnerable to the Heartbleed bug.
Hong Kong Government agencies have successfully finished the installation of patches, arranged for renewal of digital certificates and cryptographic keys, and took steps to remind users to change their passwords, in an efforts to protect themselves and their e-services' users from a security loophole Heartbleed found in the widely-used OpenSSL encryption software.
Paula Phelan, CEO, Nadel Phelan, said : "Vulnerabilities like Heartbleed show that the need for session-based multi-factor authentication is greater than ever before.
Trend Micro Incorporated today announced the release of two free Heartbleed scanners for computers and mobile devices designed to verify whether end-point devices are communicating with servers that have been compromised by the Heartbleed bug.
The Heartbleed vulnerability, uncovered in 2014, was a flaw in the coding of the open source Open SSL package, which left a wide range of systems vulnerable to attack.
According to OpenSSL co-founder Tim Hudson, the Coverity Scan service helped to catch newly discovered defects and highlight where other issues like the Heartbleed bug might exist.