Search My Blog

Thursday, April 10, 2014

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library which is used for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs)

The Heartbleed Bug

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
Read More...
http://heartbleed.com/

The Heartbleed Hit List: The Passwords That (they say) You Need to Change Right Now



Here's a good Article, on what to do and how the Heartbleed Bug may effect you...


What you need to do about Heartbleed

The Heartbleed bug has affected about two-thirds of the world s websites

April 10, 2014 04:18 PM ET

Read More...
http://www.computerworld.com/s/article/9247583/What_you_need_to_do_about_Heartbleed?source=CTWNLE_nlt_pm_2014-04-10


Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library - Internet Web Security
What you need to do about Heartbleed - Computerworld
Test your server for Heartbleed (CVE-2014-0160)
Qualys SSL Labs
Chrome Web Store - Chromebleed
'Heartbleed' bug in OpenSSL leaves encrypted communications at risk - Computerworld
Heartbleed Bug
OpenSSL: The Open Source toolkit for SSL/TLS
DEFENSICS. Defend. Then deploy. | Codenomicon Defensics
The Heartbleed Hit List: The Passwords You Need to Change Right Now
Heartbleed Effect: Passwords You Need to Change Now
▶ What Is the Heartbleed Encryption Bug? - YouTube
DonsDeals: The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library which is used for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs)
LastPass - LastPass Heartbleed checker
Qualys SSL Labs - Projects / SSL Server Test
How to Check if a Website has been Affected by Heartbleed
LastPass - Download
LastPass - Help Center
LastPass | How It Works
LastPass | Features
Test your server for Heartbleed (CVE-2014-0160)
Heartbleed vulnerable websites on the Alexa top 10000, as of 1700 UTC 20140411. 217 total listings on 124 unique domains. Out of 20K attempted connections (±www), 9185 returned errors — presumably those sites either do not expose https or redirect to alternate servers. This is a list I obtained that was tested with https://github.com/FiloSottile/Heartbleed
Firefox and Chrome Browser Extensions that Check for Heartbleed
Heartbleed-Ext :: Add-ons for Firefox
Chrome Web Store - Chromebleed
Akamai admits issuing faulty OpenSSL patch, reissues keys - Computerworld

Security updates available for Adobe Flash Player - Release date: April 8, 2014
Adobe patches critical flaws in Flash Player and AIR - Computerworld
Adobe Security Bulletin
All major browsers fall during second day of Pwn2Own hacking contest | PCWorld


Virus info Linux and Windows
Antivirus scan for 5cb14d0745d7b09bcbeba3114cc06c5f at UTC - VirusTotal
avast! blog » Linux Trojan “Hand of Thief” ungloved
avast! Linux Home Edition
best security list 2013 - Search on DonsDeals Blog
Best Security List - Google Custom Search on DonsDeals Blog
best secutriy list - Google Custom Search on DonsDeals Blog
Clam AntiVirus
Clam AntiVirus
ClamWin CD/USB - HowTo
Comodo - Google Search
Computer worm - Wikipedia, the free encyclopedia
crafted.win32file.ols - Google Search
CrowdStrike: HTTP iframe Injecting Linux Rootkit
DonsDeals: Avast! AntiVirus For Both Window and Linux Home Edition
DonsDeals: BBC NEWS | Programmes | Click | BBC team exposes cyber crime risk
DonsDeals: Best Free Rootkit Scanner/Remover
DonsDeals: Conficker Worm Called An Epidemic
DonsDeals: CrowdStrike - HTTP iframe Injecting Linux Rootkit (Vrius info)
DonsDeals: Download Comodo System-Cleaner
DonsDeals: Facebook Users Targeted By Fake Virus Alert
DonsDeals: Firewall & Antivirus Software Suite - Internet Security | Comodo
DonsDeals: Free Agent: Linux Firewalls and Antivirus--Needed or Not? - PCWorld
DonsDeals: Free Desktop PC Security - Free Downloads Keep your PC Safe | Comodo
DonsDeals: Immunet v2 update on the way: adds multi-engine malware and virus scanning to cloud-powered core
DonsDeals: Jotti's malware scan
DonsDeals: Linux users be Aware of this Trojan - Hand of Thief malware could be dangerous (if you install it) - TechRepublic
DonsDeals: M86 Security Finds URL Filters Anti Virus Scanners Ineffective
DonsDeals: New Kneber Botnet Tied To 75 000 Systems
DonsDeals: PC Hell: Free RootKit Removal Tools and Software
DonsDeals: Privacy = Security and Security = Privacy...
DonsDeals: Probably the best free security list in the world
DonsDeals: Probably the Best Free Security List in the World
DonsDeals: Probably the Best Free Security List in the World - Updated 28. August 2012
DonsDeals: Re: Viruses now penetrating deeper | Tech News on ZDNet
DonsDeals: Setting up Avast Antivirus to Protect your Windows PC...
DonsDeals: ‪TDL4 MBR Rootkit Virus Alureon TDSS Removal by Britec‬‏ - YouTube
DonsDeals: The first Linux botnet? | ITworld
DonsDeals: There are Viruses, Trojans, Worms and Rootkits, that can infect a Linux OS
DonsDeals: Trinityhome : New TRK 3.4: easier than ever before
DonsDeals: Updated Conficker Ropes Victims into Rogue Antivirus Scam
DonsDeals: VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
Download Enhanced Mitigation Experience Toolkit 4.1 from Official Microsoft Download Center
Download RogueKiller (Official website)
Download System-Cleaner
Firewall & Antivirus Software Suite - Internet Security | Comodo
Free Antivirus for Windows - Open source GPL virus scanner
Google Translate - http://www.chkrootkit.org/download.htm
Hand of a Thief malware targets Linux users’ bank accounts | Apps and Software | Geek.com
Hand of Thief malware could be dangerous (if you install it) - TechRepublic
How to Detect Rootkits on a Computer | eHow.com
Jotti's malware scan
KlamAV
KlamAV - ClamAV for KDE | Free Development software downloads at SourceForge.net
klamav - Google Search
KlamAV GUI Screen Animation
Linux Today - Hand of a Thief malware targets Linux users' bank accounts
Linux Virus - Google Custom Search on DonsDeals Blog
Lynis
'Neverquest' trojan threatens online banking users - Computerworld
New Linux Rootkit Emerges | threatpost
News | VirusBlokAda
Online banking faces a new threat - Securelist
online virus scan file upload - Google Search
Powerful Free Microsoft Security Tool EMET has Been Updated
Probably the Best Free Security List in the World
Remote PC through VPN Access - Secure Remote Access | Comodo
remove sasser virus - Google Search
remove sasser virus - Google Search
RogueKiller - CNET Download.com
rootkits computer - Google Search
Rootkit - Wikipedia, the free encyclopedia
Search results for Gizmo's Freeware website
The Rootkit Hunter project
trinity - Google Search
Trojan horse (computing) - Wikipedia, the free encyclopedia
trojans computer - Google Search
Trojans - Google Search
trojan.tdss-7762 - Google Search
Trojan - Trojans and Viruses in Computer Networking
Unhide homepage - Welcome
VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 36 AntiVirus Engines!
wine gecko - Google Search
WinPlanet Downloads for Windows Desktop Utilities
worms computer - Google Search
Neverquest Trojan: Built to Steal from Hundreds of Banks | We use words to save the world | Kaspersky Lab Official Blog
Neverquest banking malware more dangerous than Zeus trojan - TechRepublic
Security firm IDs malware used in Target attack - Computerworld
A First Look at the Target Intrusion, Malware — Krebs on Security
IE10 under attack as hackers exploit zero-day bug - Computerworld
Adobe Releases Fix for Two Shockwave Player Vulnerabilities | Digital Trends
How to Protect Your Linksys Router from TheMoon Malware | Digital Trends
New Malware Targets Linksys Routers
Surviving the Death of Windows XP
What you need to do about Heartbleed - Computerworld

Virus Software and How To's
Commercial free virus removal tools
Free Virus Removal Protection | Virus Removal Tools | McAfee
PCH Search & Win: free virus removal
PC Tools AntiVirus Free - Download Antivirus and Antispyware Software for Windows®
Security Response Removal Tools - Symantec Corp.
Virus Removal Tools
Easy Clean, Free Virus Removal - Free Download | F-Secure
Emsisoft BlitzBlank - Removes malware infections that nothing else removes
Free Online Tools
F-Secure Labs
How to Use Stinger | McAfee Free Tools
Probably the Best Free Security List in the World
RegRun Reanimator - free Trojan/Adware/Spyware removal tool - Greatis Software
Threat Killer - Security Solutions & Information Technology - NoVirusThanks
Virus Effect Remover | Download Virus Effect Remover software for free at SourceForge.net

No comments: