- This week the IT-Security world was busy with 3 important things: Heartbleed, Heartbleed and Heartbleed. It’s a serious vulnerability in the very widespread OpenSSL cryptographic software library. The bug has been introduced while implementing the Heartbeat extension in December 2011. When exploited it leads to the leak of memory contents, which might be secret keys or credentials.
- Next week the IT-Security world will probably be busy with “the other side of Heartbleed”: Client Vulnerabilities or Reverse Heartbleed. And the question, which services and products are also affected.
- 2nd major data theft in Germany this year: 18 Million email addresses and passwords have been stolen. Among them also 38.000 which are registered in Switzerland.
- WinXP in SCADA systems: Never change a running system? This computer wisdom of the 80th is still reality in critical infrastructure environments.
- Android Security: Collin Mulliner compiled a list of Android Hardening Tools.
- Security Researcher have to think out-of-the-box: A five-year-old boy worked out a security vulnerability on Microsoft’s Xbox Live service. And has been officially thanked by the company.
SWITCH Security-Blog 