New Heartbleed Exploit Hijacked Secure Network Sessions

[Guest]

The latest confirmed Heartbleed exploit involved hacking into a VPN, bypassing its multifactor authentication to hijack users' accounts.

New Heartbleed Exploit Hijacked Secure Network Sessions : Read more

 

[rwinches]

"the bug exists on firmware that has to be replaced, not updated"

"the makers of the affected VPN concentrator need to create a firmware update for these devices and push it out to their customers."

Yeah cause if you have a very expensive piece of equipment you of course would include the ability to update the firmware.

 

[sajidali27]

First we need to understand Who is affected and who’s not? The second threat is that they got the private keys to your SSL certificate. All of VPN servers have been patched and new keys have been made. Our private CA keys are not stored online and did not need to be changed. <a href="http/www.bestvpnservice.com/blog/how-to-protect-from-heartbleed-bug" title="How to Stay Safe from OpenSSL’s Heartbleed">

 

[MalcolmTucker]

Apple "AirPort Utility" also uses OpenSSL according to the Licensing documents.

Until Apple provides a new release of "Airport Utility", it's likely best for Apple Users to go to their Applications > Utilities Folder and place "Airport Utility into the trash.

Doing this exercise will protect Apple users from the vulnerabilities that may be present in the Apple Software, that Apple doesn't want to disclose. Remember- Apple's culture is based on a different release type. It's

Deny -> Replace -> Market and brand the update -> Admit there was a problem -> Put Phil Schiller in an on-stage demo where he's wearing a speedo that turns Tim Cook on.

 

[SeanSanker]

Malcolm:
Where did you get your info? Apple ditched their OpenSSL code 10 years ago. Your homophobic comments really have no place here. http/appleinsider.com/articles/14/04/18/how-apple-dodged-the-heartbleed-bullet

 

[Blessedman]

Everyone keeps looking at hackers, I am looking at the NSA (with backing from the MPAA and the RIAA) at a grab for the future of the net.

 

[Dr-Emmerich]

Apple "AirPort Utility" also uses OpenSSL according to the Licensing documents.

Until Apple provides a new release of "Airport Utility", it's likely best for Apple Users to go to their Applications > Utilities Folder and place "Airport Utility into the trash.

Doing this exercise will protect Apple users from the vulnerabilities that may be present in the Apple Software, that Apple doesn't want to disclose. Remember- Apple's culture is based on a different release type. It's

Deny -> Replace -> Market and brand the update -> Admit there was a problem -> Put Phil Schiller in an on-stage demo where he's wearing a speedo that turns Tim Cook on.

You have NO idea what you're talking about... worst kind of troll.