Masress : 'Heartbleed' bug in web technology seen as major threat to user data

Gold goes up to $4,100 on Tuesday Oil surges on Tuesday Egypt, Qatar seek to deepen investment partnership Trump-Xi meeting still on track Sisi hails Gaza peace accord as a 'new chapter' for the Middle East BP signs agreement to drill five new gas wells in Mediterranean within its Egypt concessions Turkish president holds sideline meetings with world leaders at Egypt summit S&P Global Ratings upgrade signals renewed confidence in Egypt's economy: CBE Governor Finance Ministry announces exceptional tourism investment opportunities in Assiut Al-Sisi, Meloni discuss strengthening Egypt–Italy relations, supporting Gaza ceasefire efforts Al-Sisi, Merz discuss Gaza ceasefire, ways to deepen Egypt–Germany relations L'Oréal Egypt's 10th summit draws over 800 experts, focuses on dermatology URGENT: Netanyahu skips Sharm El-Sheikh peace summit for holy reasons Ministers of Egypt، Slovakia sign MoU on environmental protection، climate change Egypt's Sisi warns against unilateral Nile actions, calls for global water cooperation Egypt unearths one of largest New Kingdom Fortresses in North Sinai Egypt's Health Minister showcases Women's Health Initiative at Berlin Innovation Forum Egypt unearths New Kingdom military fortress on Horus's Way in Sinai Egypt Writes Calm Anew: How Cairo Engineered the Ceasefire in Gaza Egypt's acting environment minister heads to Abu Dhabi for IUCN Global Nature Summit Egyptian Open Amateur Golf Championship 2025 to see record participation Cairo's Al-Fustat Hills Park nears completion as Middle East's largest green hub – PM Egypt's Cabinet approves decree featuring Queen Margaret, Edinburgh Napier campuses El-Sisi boosts teachers' pay, pushes for AI, digital learning overhaul in Egypt's schools Egypt's Sisi congratulates Khaled El-Enany on landslide UNESCO director-general election win Syria releases preliminary results of first post-Assad parliament vote Karnak's hidden origins: Study reveals Egypt's great temple rose from ancient Nile island Egypt resolves dispute between top African sports bodies ahead of 2027 African Games Egypt's Al-Sisi commemorates October War, discusses national security with top brass Egypt reviews Nile water inflows as minister warns of impact of encroachments on Rosetta Branch Egypt's ministry of housing hails Arab Contractors for 5 ENR global project awards A Timeless Canvas: Forever Is Now Returns to the Pyramids of Giza Egypt aims to reclaim global golf standing with new major tournaments: Omar Hisham Egypt to host men's, juniors' and ladies' open golf championships in October Germany among EU's priciest labour markets – official data Paris Olympic gold '24 medals hit record value It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game Russia says it's in sync with US, China, Pakistan on Taliban Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights Sudan says countries must cooperate on vaccines Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19 Egypt to tax bloggers, YouTubers Egypt's FM asserts importance of stability in Libya, holding elections as scheduled We mustn't lose touch: Muller after Bayern win in Bundesliga Egypt records 36 new deaths from Covid-19, highest since mid June Egypt sells $3 bln US-dollar dominated eurobonds Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform

Thank you for reporting!

This image will be automatically disabled when it gets reported by several people.

'Heartbleed' bug in web technology seen as major threat to user data

Reuters Published in Ahram Online on 09 - 04 - 2014

A newly discovered bug in widely used Web encryption technology has made data on many of the world's major websites vulnerable to theft by hackers in what experts say is one of the most serious security flaws uncovered in recent years.
The finding of the so-called "Heartbleed" vulnerability, by researchers with Google Inc and a small security firm Codenomicon, prompted the U.S. government's Department of Homeland Security to advise businesses on Tuesday to review their servers to see if they were using vulnerable versions a type of software known as OpenSSL.
It said updates are already available to address the vulnerability in OpenSSL, which could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.
"We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace," Codenomicon said on a website it built to provide information about the threat, heartbleed.com.
Computer security experts warned that means victims cannot tell if their data has been accessed which is troubling because the bug has existed for about two years.
"If a website is vulnerable I could see things like your password, banking information and healthcare data, which you were under the impression you were sending securely to your website," said Michael Coates, director of product security for Shape Security.
Chris Eng, vice president of research with software security firm Veracode, said he estimates that hundreds of thousands of web and email servers around the globe need to be patched as soon as possible to protect them from attack by hackers who will rush to exploit the vulnerability now that it is publicly known.
The technology website Ars Technica reported that security researcher Mark Loman was able to extract data from Yahoo Mail servers by using a free tool.
A spokesperson for Yahoo Inc confirmed that Yahoo Mail was vulnerable to attack, but said it had been patched along with other main Yahoo sites such as Yahoo Search, Finance, Sports, Flickr and Tumblr.
"We are working to implement the fix across the rest of our sites right now," she said on Tuesday evening.
http://english.ahram.org.eg/News/98636.aspx

Clic here to read the story from its source.