-
sustainable
#opensource -@tobie starts his story with#heartbleed - how $2k/year under-investment suddenly becomes $500m industry-wide remediation investment#fosdem#communitypic.twitter.com/IULb2cH8Nb
Prikaži ovu nit -
We are officially on IMDB! Go check us out at https://www.imdb.com/title/tt10023486/ …
#heartbleed#imdbpic.twitter.com/OhnTqd3bkJ
-
Our ACM CACM article on how website administrators (didn't) respond to
#Heartbleed is available at last!@CACMmag https://cacm.acm.org/magazines/2018/3/225489-analysis-of-ssl-certificate-reissues-and-revocations-in-the-wake-of-heartbleed/fulltext … For more of our research on Heartlbeed and securing online authentication, check out https://securepki.org -
I say “my money is on APT18” because they weaponized
#HeartBleed in 2014 against Juniper SSL VPN devices within 24ish hours of vulnerability disclosure...& they love remote access to enterprise networks without using backdoors (or removing backdoors after gaining access to VPN)Prikaži ovu nit -
What *is* terrifying are important & widely used FOSS projects that don't have the resources and support they need. This is how
#Heartbleed happened - a key library that the entire Internet relied on was maintained by four unsupported devs struggling without needed resources.Prikaži ovu nit -
An interesting find. Website and open directory files encrypted with
#heartbleed#ransomware with extension d3g1d5. Has interesting directory called#exploitpic.twitter.com/GKVLR2Pj03
Prikaži ovu nit -
“Running a large
#LightningNetwork node has been quite stressful - An exploit such as we saw with#heartbleed could allow an attacker to drain all funds from the node while I’m sleeping. It’s time to end the experiment,” Brekken concludes. https://news.bitcoin.com/a-look-at-what-it-was-like-to-operate-the-lightning-networks-largest-node/ … -
One of the challenges today in blockchain & cryptographic security is the “free rider” problem where large organizations benefit hugely from the efforts of a few critical open source cryptographic developers, but do not fully support them. This led to events like
#Heartbleed …Prikaži ovu nit -
We’ve had a great time shooting for Heartbleed in the last three days, got plenty of scenes filmed with great performances from our talented actors. Brilliant work from the crew too who have worked very hard and have been very dedicated.
#goteam#heartbleed pic.twitter.com/XjAfx1ksZr
-
Publishing security advisories on updating broken OpenSSL versions did not help much. Only when
#heartbleed happened people started updating the software. Lesson: get a logo!#SuRI18pic.twitter.com/H1vsZOdFvE
-
#ieeesecdev TaintCrypt: Static analysis for cryptographic property enforcement https://s3.amazonaws.com/cybersec-prod/secdev/wp-content/uploads/2017/06/26173848/Program-Analysis-of-Cryptographic-Implementations-for-Security.pdf … [Clang, LLVM, found#heartbleed ; paper http://people.cs.vt.edu/danfeng/papers/Crypto-Program-Analysis-SecDev-2017-Yao.pdf … ; proto-tool https://github.com/franchiotta/taintchecker … ]pic.twitter.com/aJYdQUE7cs
-
Besides
#heartbleed, are there actually any other exploitable irl#SSL/#TLS vulnerabilities, most if not all seem to be#MITM with no actionable exploits. Enlighten me twitter please
Prikaži ovu nit -
#Heartbleed#vulnerability was introduced into OpenSSL crypto library, 2012. Discovered &#fixed 2014, yet 5 yrs later still remain unpatched systems!!#CyberAware#cyberexposure#threatlandscape#malicious#exploit#Cybersecurity#protection@CiaSecurehttps://blog.malwarebytes.com/exploits-and-vulnerabilities/2019/09/everything-you-need-to-know-about-the-heartbleed-vulnerability/?utm_source=hs_email&utm_medium=email&utm_content=76804206&_hsenc=p2ANqtz-_h8IjJZbRWNVwu5-uyKsbMCs1UlviLDq3i8XY1GiIRyWX4SS674BknYNAaWKN-fDYrvsHuS93dl_2HztoU5dNQ1IK9vw&_hsmi=76804206 … -
"Dear
#DevSecOps: sudo apt update && sudo apt upgrade -y && sudo apt dist-upgrade -y && sudo apt autoremove -y" Don't forget you can also automate the simple stuff. https://buff.ly/2NhviTZ#heartbleed -
Heartbleed Discovery and Exploit https://linuxsecurityblog.com/2020/02/01/heartbleed-discovery-and-exploit/ …
#HeartBleed#CyberSecurity -
Use the
#MetaSploit framework to#exploit a web server vulnerable to#Heartbleed and retrieve private#keys and#credentials from the server in this new lab@cloudacademy.#owasp#cybersecurity https://cloudacademy.com/lab/owasp-exercises-exploiting-heartbleed-bug/ …pic.twitter.com/f1M4ptqsHI
-
Five and a half years ago,
#Heartbleed exposed just how fragile Internet security can be. Today's first Tale from the Crypt(o) team explains why it's still not completely solved, and what we're doing to protect against those types of vulnerabilities. https://blog.cloudflare.com/going-keyless-everywhere … -
“First security flaw which has a logo”
@Sidhpurwala is explaining#Heartbleed in the opening talk at#Rootconf#Pune@zainabbawa@_bhavin192@GauravSitlani#security@RedHat -
I discussed my experience
@SANS#DFIRSummit investigating one of the ~5 cases@Mandiant investigated where APT18 used#HeartBleed for initial access. (32:07 in the video) https://youtu.be/syDFQ2rJpMoPrikaži ovu nit
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
