Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Thought Heartbleed was dead? Nope - hundreds of thousands of things still vulnerable to attack

Thought Heartbleed was dead? Nope - hundreds of thousands of things still vulnerable to attack

2015/09/15

The Register - (International) The founder of the Shodan search engine reported that over 200,000 devices on the Internet are still vulnerable to the Heartbleed OpenSSL vulnerability discovered in 2014, including 57,272 devices in the U.S. The vulnerability allows an attacker to extract passwords and other sensitive information due to a missing bounds check that allowed repeated data checks from server memory.

Source: http://www.theregister.co.uk/2015/09/15/still_200k_iot_heartbleed_vulns/

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:15