Welcome back to Threat Level Thursday, where this week we'll be talking more about the defensive end of cybersecurity, including a set of guidelines to improve critical systems and software security by the National Institute of Standards and Technology (NIST) and why quick responses to threats are great, but rash ones aren't.
While it's important to respond quickly and effectively in light of a cybersecurity hole such as Heartbleed, new data shows that some websites actually added the vulnerability in the rush to patch systems.
Heartbleed, the proposed "worst vulnerability" ever, was apparently not scary enough. New research shows that not even half of those aware of Heartbleed took the precaution of changing their passwords.
In light of recent cybersecurity scares such as Heartbleed and the recent Internet Explorer zero-day exploit, the White House revealed on Monday that disclosing some of these vulnerabilities to the public isn't always the easiest of choices to make.
Remember Heartbleed? Discovered two weeks ago, the Internet exploit sent ripples through the technosphere due to the fact that around two-thirds of the world's websites were affected. It's not just servers, however, that are vulnerable to Heartbleed.
The Heartbleed OpenSSL Internet bug that was discovered last week and has quickly become one of the most infamous exploits ever wasn't inserted into the code deliberately, says the German software developer who accidentally let the exploit slip by unnoticed.
The National Security Agency has denied that it knew about, and exploited, the much-feared Heartbleed bug for two years without informing anyone. The unequivocal denial comes after a Bloomberg News report alleged that the spy agency used the security vulnerability to collect data.
Heartbleed is the new scare on the Internet -- an exploit with such a widespread blast zone that two-thirds of the world's websites are believed to have been vulnerable to the bug. Although Heartbleed flew under the radar for more than two years, four engineers were able to uncover what some are calling the worst Internet exploit ever.
A newly discovered Internet security exploit dubbed "Heartbleed" has cybersecurity experts scrambling thanks to the implication that millions of usernames, passwords, credit cards, and other personal information have been vulnerable for more than two years.
