This is as serious as it gets. Heartbleed exposes your corporate private keys. Your crown jewels, your keys to the castle….well you get the idea. Your corporate privates are indeed exposed, they may not have been stolen yet, but they are unequivocally exposed through Heartbleed . It took researches less than 3 hours to extract private keys from a server as a result of a challenge issued by CloudFare. … Read More
Heartbleed Protection
OpenSSL Security Vulnerabilities and other C-based Risks
The latest Heartbleed OpenSSL vulnerability (CVE-2014-0160) is again a re-affirmation that usage of C-based security modules by an enterprise company greatly increases its risk posture. … Read More
Predictions from 2002-2003: Heartbleed = Criminal Negligence
Here is an archived document that Forum Systems published in 2002-2003 while architecting a secure XML gateway. We would like you to read this article to understand the importance of a security-first approach while interacting with users and systems, especially outside your enterprise boundary. … Read More
How to fix OpenSSL Heartbleed Security Flaw
In this article, we will show you how to fix the OpenSSL Heartbleed security flaw. OpenSSL Heartbleed has been recently discovered by security researchers. This security flaw is as a result of a software bug in the SSL/TLS protocol implementation of the … Read More