On June 5, 2014 the OpenSSL project released a security advisory. CVE-2014-0224 can allow for a man-in-the-middle (MITM) attack to be carried out between a vulnerable client and vulnerable server. According to OpenSSL, an attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited […]
Archive | Security & Privacy
Important Read – Critical Security Advisory & Patch for OpenSSL Heartbleed Vulnerability
On April 7, the OpenSSL project issued a Security Advisory that detailed a serious vulnerability in the encryption software in use by two-thirds of the Internet. This vulnerability (nicknamed “Heartbleed”) could potentially allow attackers to retrieve information from encrypted SSL endpoints, including passwords and other credential information. Learn more about the “Heartbleed” security threat from […]