9 Stories

Hackers Exploit Security Flaw Bigger Than Heartbleed

Old (but newly discovered) 'Shellshock' bug makes common software vulnerable

(Newser) - Remember the Heartbleed bug that made the Internet a sitting duck for hackers? We're now experiencing another security breach that's as bad or worse, reports CNET . One weird aspect, at least to laymen: The flaw has been around for 22 years but went unnoticed until this week. Known... More »

Tech Titans Throw $3.6M at Preventing New Heartbleed

Google, Microsoft, Amazon among firms backing effort

(Newser) - Competing tech giants don't want to see another Heartbleed, and they're putting their money where their mouth is to ensure that they don't. Some of tech's biggest names—Google, Facebook, Microsoft, Amazon, and Dell, to name a few—are now jointly funding an effort to support... More »

Heartbleed Fears Prompt ObamaCare Password Reset

No sign site has been compromised: White House

(Newser) - People who have accounts on the enrollment website for ObamaCare are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw. All enrollee passwords have been reset, the White House says, per CNN . Senior administration officials said there... More »

Canada Arrests Teen in Heartbleed Hack

Ontario suspect, 19, accused of stealing data from Canada's revenue agency

(Newser) - A 19-year-old computer whiz in Canada has been charged with taking advantage of the Heartbleed Internet breach to hack into the nation's version of the IRS, reports the BBC . Stephen Arthuro Solis-Reyes of London, Ontario, is accused of exploiting the flaw to steal 900 social insurance numbers from the... More »

More Heartbleed Fallout: 'Major' Internet Disruptions

Security-certificate issue may seriously slow down browsing

(Newser) - The Heartbleed security flaw could pose a major nuisance even if your data isn't compromised, as hundreds of thousands of websites scramble to fix the problem—causing what the Washington Post predicts will be "major disruptions" to Internet service. At issue are sites' security certificates, or identification information... More »

Report: NSA Knew of Heartbleed Flaw for 2 Years

Bloomberg says the agency chose to exploit it rather than fix it

(Newser) - Bloomberg is out with a report likely to anger all those who have changed their passwords, or plan to, because of the massive Internet security breach called Heartbleed . The story says the NSA discovered the flaw almost as soon as it was introduced in the open-source protocol OpenSSL two... More »

Man Behind Heartbleed: It Was a 'Trivial' Mistake

Meanwhile, guy who found the bug donates reward

(Newser) - Conspiracy theories have been building about Heartbleed, but the man whose coding error caused the vulnerability says it was an honest mistake. Dr. Robin Seggelman, a German programmer, says he was trying to improve OpenSSL with the patch that introduced Heartbleed—his other patches to the open-source software project have... More »

Canada Shuts Down Online Tax System Over Heartbleed

How you can protect yourself

(Newser) - Just how bad is the Heartbleed exploit ? So bad that even the taxman can't handle it, at least in Canada. The Canadian Revenue Agency has cut off access to its online services because of the issue, and says they'll likely remain offline for days, the Toronto Star... More »

Massive Security Flaw Left Much of Internet Exposed

'Heartbleed' bug has affected OpenSSL protocol for 2 years

(Newser) - A major flaw in one of the Internet's chief security methods has exposed users' confidential information to hackers for the last two years, security researchers revealed Monday night. The "Heartbleed" bug affects the OpenSSL security protocol used by some two-thirds of websites to protect sensitive data as it... More »

9 Stories