SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
# OpenSSL
2 Mar 2016

More than 11 million OpenSSL HTTPS websites at risk

A new deadly security vulnerability has been discovered in OpenSSL that affects more than 11 Million modern websites and e-mail services protected by an ancient, long deprecated transport layer security protocol, Secure Sockets Layer.

Dubbed DROWN, the highly critical security hole in OpenSSL was disclosed today as a low-cost attack that could decrypt your sensitive, secure HTTPS communications, including passwords and credit card details and that too in a matter of hours or in some cases almost immediately, a team of 15 security researchers from various universities and the infosec community warned Tuesday.

Read more
Tags:
information leaks OpenSSL Drown
Source:
The Hacker News
2046
20 May 2015

What you really need to know about Venom bug

Heartbleed. Shellshock. And now Venom. The names for cyber vulnerabilities keep getting scarier. But the latest threat, dubbed Venom, isn't going to cause as much trouble as the hype might lead you to believe.

While Venom has the potential to cause widespread catastrophe, it's unlikely to cause the same mess as Heartbleed because fixes are already taking place, security researchers say. "You've got a lot of scrambling going on, but I think this will go away sooner than later because people will respond pretty quickly to remediate and patch this," said Joe Loomis, founder and CEO of CyberSponse.

Read more
Tags:
Venom information leaks OpenSSL
Source:
CNBC
2200
3 Oct 2014

What is the Bash vulnerability and why it affects everyone

In what seems like the most impactful security vulnerability since the OpenSSL Heartbleed affair, a new Internet-wide bug emerged this week in the Bourne again shell (Bash).

While its true severity remains unknown, the Bash vulnerability (also known as “shell shock”) is being talked about everywhere, and you may have even seen your local news anchors discussing the story in front of a green-screen covered in fast-scrolling computer code on last night’s evening news. Bash is present in a very large number of Web-servers and in-home appliances. What is Bash?

Read more
Tags:
information leaks Bash Shellshock OpenSSL Heartbleed
Source:
Kaspersky Daily
Author:
Brian Donohue
2275
21 Aug 2014

CHS Hacked via Heartbleed Vulnerability

As many of you may have already been aware, a breach at Community Health Systems (CHS) affecting an estimated 4.5 million patients was recently revealed. TrustedSec obtained the first details on how the breach occured and new information relating to this breach.

The initial attack vector was through the infamous OpenSSL “heartbleed” vulnerability which led to the compromise of the information. This confirmation of the initial attack vector was obtained from a trusted and anonymous source close to the CHS investigation. Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability.

Read more
Tags:
hackers fraud OpenSSL
Source:
Trusted Sec
1997
11 Apr 2014

NSA knew about the Heartbleed vulnerability two years ago

The NSA knew about and exploited the Heartbleed vulnerability for two years before it was publicly exposed this week, and used it to steal account passwords and other data.

Speculation had been rampant this week that the spy agency might have known about the critical flaw in OpenSSL that would allow hackers to siphon passwords, email content and other data from the memory of vulnerable web servers and other systems using the important encryption protocol. That speculation appears to be confirmed by two unnamed sources who told Bloomberg that the NSA discovered the flaw shortly after it was accidentally introduced into OpenSSl in 2012 by a programmer. 

Read more
Tags:
NSA OpenSSL Snowden USA surveillance
Source:
Wired
1872
9 Apr 2014

Major encryption security bug ‘Heartbleed’ impacts two-thirds of the web

Tens of millions of servers were exposed to a security vulnerability called “Heartbleed” in OpenSSL, software used to encrypt much of the internet. While an emergency patch has been released, sites like Yahoo have raced to fortify security. 

The open-source OpenSSL project released an emergency security advisory warning of “Heartbleed,” a bug pulls in private keys to a server using vulnerable software, allowing operators to suck in data traffic and even impersonate the server. The server's private encryption keys are a particular target, since they're necessarily kept in working memory.

Read more
Tags:
Heartbleed OpenSSL surveillance
Source:
Russia Today
2205
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015