That Hearbleed problem may be more pervasive than you think

 That lingering Hearbleed flaw recently discovered in 200,000 devices is more insidious than that number indicates.

According to a report posted by Shodan, the Heartbleed vulnerability first exposed in April 2014 was still found in 199,594 internet-accessible devices during a scan it performed last weekend.

But according to open-source security firm Black Duck, about 11 percent of more than 200 applications it audited between Oct. 2015 and March 2016 contained the flaw, which enables a buffer overread that endangers data from clients and servers running affected versions of OpenSSL.

To read this article in full or to leave a comment, please click here


Source: Infoworld.com | Security

Leave a Reply

Your email address will not be published. Required fields are marked *

*