Another critical bug in an open source SSL/TLS (and DTLS) cryptographic library has been discovered and patched last week.
Nearly two months have passed since the public revelation of the Heartbleed bug affecting the widely used open source cryptographic library OpenSSL.
Did you know that Outlook and many other email and mobile messaging Android apps store your emails and messages on the device's SD card, unencrypted, and accessible to any third-party app that is permitted to access the card's contents? Couple that with the (widely given) permission to access the Internet, and your potentially confidential conversations might be exfiltrated and stored on remote servers for attackers to peruse and misuse.
HP's Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention to fix.
The danger from Heartbleed has passed for most Internet users, but operators of Industrial Control Systems (ICS) are not that lucky.