Posted By - Michael Mimoso, Editorial Director for the TechTarget Security Media GroupPosted on - Sunday, April 27th, 2014 09:42:00 AM
The Apache Software Foundation today released an advisory warning that a patch issued in March for a zero-day vulnerability in Apache Struts did not fully patch the bug in question. Officials said a new patch is in development and will be released likely within the next 72 hours, said Rene Gielen of the Apache Struts team.
Posted By - John Hawes, Chief of Operations Posted on - Sunday, April 27th, 2014 09:28:00 AM
There's been a sharp upturn in the numbers of phishing pages, with the majority of them hosted in China and targeting Chinese victims and sites. That's according to analysis of world phishing trends from the Anti-Phishing Working Group (APWG).
Posted By - Richard Henderson, Security Strategist FortiGuard LabsPosted on - Sunday, April 27th, 2014 09:10:00 AM
Heartbleed bug took the world by a storm. It is an unprecedented incident that has caught the global information security community totally unawares. What is it? How does it work? What it does? All the reasonable questions need answers. Here's an FAQ for your ready reference.
Posted By - Bruce Schneier, CTOPosted on - Monday, April 14th, 2014 02:55:00 PM
The Heartbleed bug allows to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content.