Egypt gears up to host Barcelona Convention COP24 on Mediterranean Pollution in December    Egypt to host 3rd Global Conference on Population, Health and Human Development in November    Egypt to host inaugural AI Everything Middle East & Africa Summit in February 2026    Norway's wealth fund investments in Israel dominate election, could decide government    Egypt's military production, petroleum ministries drive projects to boost citizens' economic gains    Egypt implements EGP 12.7bn water, wastewater projects in Northwest Coast in 2024    Egypt backs UN plan for Libyan elections within 12-18 months    South Korea's Lee in Japan for talks ahead of crucial Trump meeting    Egypt, S.Arabia step up trade ties through coordination council talks    Egypt reviews progress on $200m World Bank-funded waste management hub    Egypt, ADIB explore strategic partnership in digital healthcare, investment    Egyptian pound down vs. US dollar at Monday's close – CBE    Egypt's FM, Palestinian PM visit Rafah crossing to review Gaza aid    Egypt prepares unified stance ahead of COP30 in Brazil    Egypt recovers collection of ancient artefacts from Netherlands    Egypt harvests 315,000 cubic metres of rainwater in Sinai as part of flash flood protection measures    Egypt, Namibia explore closer pharmaceutical cooperation    Fitch Ratings: ASEAN Islamic finance set to surpass $1t by 2026-end    Renowned Egyptian novelist Sonallah Ibrahim dies at 88    Egyptian, Ugandan Presidents open business forum to boost trade    Al-Sisi says any party thinking Egypt will neglect water rights is 'completely mistaken'    Egypt's Sisi warns against unilateral Nile measures, reaffirms Egypt's water security stance    Egypt's Sisi, Uganda's Museveni discuss boosting ties    Egypt, Huawei explore healthcare digital transformation cooperation    Egypt's Sisi, Sudan's Idris discuss strategic ties, stability    Egypt to inaugurate Grand Egyptian Museum on 1 November    Greco-Roman rock-cut tombs unearthed in Egypt's Aswan    Egypt reveals heritage e-training portal    Sisi launches new support initiative for families of war, terrorism victims    Egypt expands e-ticketing to 110 heritage sites, adds self-service kiosks at Saqqara    Palm Hills Squash Open debuts with 48 international stars, $250,000 prize pool    On Sport to broadcast Pan Arab Golf Championship for Juniors and Ladies in Egypt    Golf Festival in Cairo to mark Arab Golf Federation's 50th anniversary    Germany among EU's priciest labour markets – official data    Paris Olympic gold '24 medals hit record value    A minute of silence for Egyptian sports    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



'Heartbleed' bug in web technology seen as major threat to user data
Reuters Published in Ahram Online on 09 - 04 - 2014

A newly discovered bug in widely used Web encryption technology has made data on many of the world's major websites vulnerable to theft by hackers in what experts say is one of the most serious security flaws uncovered in recent years.
The finding of the so-called "Heartbleed" vulnerability, by researchers with Google Inc and a small security firm Codenomicon, prompted the U.S. government's Department of Homeland Security to advise businesses on Tuesday to review their servers to see if they were using vulnerable versions a type of software known as OpenSSL.
It said updates are already available to address the vulnerability in OpenSSL, which could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.
"We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace," Codenomicon said on a website it built to provide information about the threat, heartbleed.com.
Computer security experts warned that means victims cannot tell if their data has been accessed which is troubling because the bug has existed for about two years.
"If a website is vulnerable I could see things like your password, banking information and healthcare data, which you were under the impression you were sending securely to your website," said Michael Coates, director of product security for Shape Security.
Chris Eng, vice president of research with software security firm Veracode, said he estimates that hundreds of thousands of web and email servers around the globe need to be patched as soon as possible to protect them from attack by hackers who will rush to exploit the vulnerability now that it is publicly known.
The technology website Ars Technica reported that security researcher Mark Loman was able to extract data from Yahoo Mail servers by using a free tool.
A spokesperson for Yahoo Inc confirmed that Yahoo Mail was vulnerable to attack, but said it had been patched along with other main Yahoo sites such as Yahoo Search, Finance, Sports, Flickr and Tumblr.
"We are working to implement the fix across the rest of our sites right now," she said on Tuesday evening.
http://english.ahram.org.eg/News/98636.aspx

Clic here to read the story from its source.