A year ago today, researchers disclosed a virulent computer bug that rocked the foundations of the web. The vulnerability made it possible for anyone to steal and read encrypted information off supposedly secure servers, thus undetectably compromising secret keys, usernames and passwords, and the content of Internet traffic.
Far from just a theoretical concern, Heartbleed has been blamed for the breach of 4.5 million patient records at the hospital group Community Health Systems by the alleged Chinese hacker group « APT18. » And the bug may have been exploited by others, including intelligence agencies, for years prior.
Now on the one year anniversary of Heartbleed’s announcement, a new report shows that most large companies have not fully addressed the issue. According to a scan of Forbes Global 2000 companies by the Salt Lake City, Utah-based security firm Venafi, 74% of these organizations with public-facing systems vulnerable to Heartbleed (that’s 1,642…
View original post 775 mots de plus