TMG climbs to 4th in Forbes' Top 50 Public Companies in Egypt' list on surging sales, assets    UN conference expresses concern over ME escalation    Egypt, Japan's JICA plan school expansion – Cabinet    Egypt's EDA, AstraZeneca discuss local manufacturing    Egypt's PM forms crisis committee to monitor Iran-Israel fallout    Israel intensifies strikes on Tehran as Iran vows retaliation, global leaders call for de-escalation    Egypt issues nearly 20 million digital treatment approvals as health insurance digitalisation accelerates    Pakistan FM warns against fake news, details Iran-Israel de-escalation role    Russia seeks mediator role in Mideast, balancing Iran and Israel ties    LTRA, Rehla Rides forge public–private partnership for smart transport    Electricity Minister discusses enhanced energy cooperation with EIB, EU delegations    Egyptian pound rebounds at June 16 close – CBE    China's fixed asset investment surges in Jan–May    Egypt secures €21m EU grant for low-carbon transition    EHA, Konecta explore strategic partnership in digital transformation, smart healthcare    Sisi launches new support initiative for families of war, terrorism victims    Egypt nuclear authority: No radiation rise amid regional unrest    Grand Egyptian Museum opening delayed to Q4    Egypt delays Grand Museum opening to Q4 amid regional tensions    Egypt slams Israeli strike on Iran, warns of regional chaos    Egypt expands e-ticketing to 110 heritage sites, adds self-service kiosks at Saqqara    Egypt's EDA joins high-level Africa-Europe medicines regulatory talks    Egypt's Irrigation Minister urges scientific cooperation to tackle water scarcity    Egypt, Serbia explore cultural cooperation in heritage, tourism    Egypt discovers three New Kingdom tombs in Luxor's Dra' Abu El-Naga    Egypt launches "Memory of the City" app to document urban history    Palm Hills Squash Open debuts with 48 international stars, $250,000 prize pool    Egypt's Democratic Generation Party Evaluates 84 Candidates Ahead of Parliamentary Vote    On Sport to broadcast Pan Arab Golf Championship for Juniors and Ladies in Egypt    Golf Festival in Cairo to mark Arab Golf Federation's 50th anniversary    Germany among EU's priciest labour markets – official data    Cabinet approves establishment of national medical tourism council to boost healthcare sector    Egypt's PM follows up on Julius Nyerere dam project in Tanzania    Egypt's FM inspects Julius Nyerere Dam project in Tanzania    Paris Olympic gold '24 medals hit record value    A minute of silence for Egyptian sports    Russia says it's in sync with US, China, Pakistan on Taliban    It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game    Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights    Sudan says countries must cooperate on vaccines    Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19    Egypt to tax bloggers, YouTubers    Egypt's FM asserts importance of stability in Libya, holding elections as scheduled    We mustn't lose touch: Muller after Bayern win in Bundesliga    Egypt records 36 new deaths from Covid-19, highest since mid June    Egypt sells $3 bln US-dollar dominated eurobonds    Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go    Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



'Heartbleed' bug in web technology seen as major threat to user data
Reuters Published in Ahram Online on 09 - 04 - 2014

A newly discovered bug in widely used Web encryption technology has made data on many of the world's major websites vulnerable to theft by hackers in what experts say is one of the most serious security flaws uncovered in recent years.
The finding of the so-called "Heartbleed" vulnerability, by researchers with Google Inc and a small security firm Codenomicon, prompted the U.S. government's Department of Homeland Security to advise businesses on Tuesday to review their servers to see if they were using vulnerable versions a type of software known as OpenSSL.
It said updates are already available to address the vulnerability in OpenSSL, which could enable remote attackers to access sensitive data including passwords and secret keys that can decode traffic as it travels across the Internet.
"We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace," Codenomicon said on a website it built to provide information about the threat, heartbleed.com.
Computer security experts warned that means victims cannot tell if their data has been accessed which is troubling because the bug has existed for about two years.
"If a website is vulnerable I could see things like your password, banking information and healthcare data, which you were under the impression you were sending securely to your website," said Michael Coates, director of product security for Shape Security.
Chris Eng, vice president of research with software security firm Veracode, said he estimates that hundreds of thousands of web and email servers around the globe need to be patched as soon as possible to protect them from attack by hackers who will rush to exploit the vulnerability now that it is publicly known.
The technology website Ars Technica reported that security researcher Mark Loman was able to extract data from Yahoo Mail servers by using a free tool.
A spokesperson for Yahoo Inc confirmed that Yahoo Mail was vulnerable to attack, but said it had been patched along with other main Yahoo sites such as Yahoo Search, Finance, Sports, Flickr and Tumblr.
"We are working to implement the fix across the rest of our sites right now," she said on Tuesday evening.
http://english.ahram.org.eg/News/98636.aspx

Clic here to read the story from its source.