Patching

Heartbleed’s Heartburn: Why a 5 Year Old Vulnerability Continues to Bite

In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate. 

Petya Malware is about wreaking Havoc, not collecting Ransom | The Register

In-brief: On Tuesday, a ransomware infection spread across Europe and even affected companies and systems as far away as the United States and Brazil. Iain Thomson at The Register breaks down the malware used in the attack, dubbed NotPetya because it disguises itself as the Petya ransomware, although in the end it seems it was designed to wreak havoc, not collect money.

ransomware

UPDATED: Is this Cyber War? Ransomware Attack Hits Banks, Transport, Government in Ukraine

Fast-spreading ransomware dubbed Petya has crippled parts of Ukraine and hit companies in The Netherlands, France, Russia and Spain. It appears to be spreading using a combination of a software exploit and stolen passwords.

Firm That Made Mirai-Infected Webcams Gets Security Religion

In-brief: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to “enhance the security of its Internet of Things (IoT) devices and solutions.”

Behind Breaches: Lots of Outdated Software | Digital Guardian

In-brief: data from the firm BitSight finds a link between outdated web browser and operating system software and headline-grabbing breaches. Are we surprised?