Thursday 10 April 2014

Heartbleed OpenSSL Vulnerability: A Technical Remediation

An anonymous reader writes "Since the announcement malicious actors have been leaking software library data and using one of the several provided PoC codes to attack the massive amount of services available on the internet. One of the more complicated issues is that the OpenSSL patches were not in-line with the upstream of large Linux flavors. We have had a opportunity to review the behavior of the exploit and have come up with the following IDS signatures to be deployed for detection."

Read more of this story at Slashdot.




















from Slashdot http://ift.tt/1hiQuSu

via IFTTT

No comments: