Rush to defend against Heartbleed leads to mistakes with certificates, patches
Despite taking prompt action to defend against the Heartbleed attack, some sites are no better off than before -- and in some cases, they are much worse off.
Despite taking prompt action to defend against the Heartbleed attack, some sites are no better off than before -- and in some cases, they are much worse off.
Worried about how the Heartbleed vulnerability may affect your personal accounts? A new tool may be of help.
An Electronic Arts website was hacked in a phishing scheme aimed at the acquisition of Apple IDs and credit card numbers, security researchers reported Wednesday.
Dozens of self-signed SSL certificates created to impersonate banking, e-commerce and social networking websites have been found on the Web. The certificates don't pose a big threat to browser users, but could be used to launch man-in-the-middle attacks against users of many mobile apps, according to researchers from Internet services firm Netcraft who found the certificates.
By and large, the major websites hit by Heartbleed have recovered. So have the bad guys, who are undoubtedly plotting their next move. Here, security experts offer their take on five large-scale, Heartbleed-level vulnerabilities for which CIOs should prepare.