As the backbone of web security, Secure Sockets Layer (SSL) technology is a must for securing sensitive data passing over the Internet -- whether that's e-commerce traffic, remote access to internal servers, or other secure communications.
A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL certificates are in the wild.
In this podcast, recorded at Infosecurity Europe 2014, Ivan Ristic, Director of Engineering at Qualys, talks about the Heartbleed bug and its impact on the security industry.
The National Institute of Standards and Technology (NIST) has released an update to a document that helps computer administrators maintain the security of information traveling across their networks.
For all the talk about how something should be done to fix OpenSSL so that a Heartbleed situation is never again repeated, there has been little to no concrete action so far.