More than three months have passed since the discovery of the OpenSSL Heartbleed bug, and many systems are still vulnerable.
A number of Siemens industrial products have been found sporting four vulnerabilities in their OpenSSL implementation, which could lead to man-in-the-middle (MitM) attacks or the crashing of web servers of the products.
Oracle's Quarterly Critical Patch Update (CPU) is never a minor event.
In light of the escalation of DDoS attacks used as a means of extorting money from online businesses, the news that there has been a significant decrease in vulnerable Network Time Protocol (NTP) servers that can be used in NTP amplification DDoS attacks is more than welcome.
Malware peddlers are taking advantage of the fact that the existence of the Heartbleed bug has breached the confines of the cyber security world and has entered the awareness of Internet users around the world, and they are offering them a bogus "HeartBleed Virus Removal Tool." "The email warns users that while they may have done what they can by changing their passwords on the websites they use, their computer may still be 'infected' with the Heartbleed bug," shared Symantec researchers.