More than three months have passed since the discovery of the OpenSSL Heartbleed bug, and many systems are still vulnerable.
The surge in the number of data breaches and recent security bugs such as Heartbleed has generated strong interest in digital certificates and technologies, including SSL and PKI.
A number of Siemens industrial products have been found sporting four vulnerabilities in their OpenSSL implementation, which could lead to man-in-the-middle (MitM) attacks or the crashing of web servers of the products.
Roman Hussy, the Swiss security activist behind Abuse.ch, has started another project: the SSL Blacklist (SSLBL).
An infosec consultant looking to book a hotel via HotelHippo.com, owned by HotelStayUK, has ultimately discovered that the website is definitely not to be trusted with private and card information, even though it sports the “COMODO – Authentic & Secure” trust seal.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.