Information Security News
Thru announces exhibition at InfoSec Europe and new partnership with Pro2col
InfoSec Europe draws over 13,000 visitors every year and is the biggest free-to-attend information security event in Europe. Global professionals from a variety of industries come together to discover the latest developments and best practices in ...
Demonstrating yet another way the catastrophic Heartbleed vulnerability threatens users, malicious hackers were able to exploit the bug to successfully bypass multifactor authentication and fraud detection on an organization's virtual private network (VPN), security researchers said.
When the critical flaw in the OpenSSL cryptographic library came to light 11 days ago, it was best known as a dangerous hole that allowed attackers to siphon out user names, passwords, and even private encryption keys processed by vulnerable Web servers. More recently, researchers confirmed that Heartbleed could be exploited to steal the private keys underpinning the widely used OpenVPN application and likely software for other VPNs that rely on a vulnerable version of OpenSSL.
On Friday, researchers with network security firm Mandiant said Heartbleed had been used to subvert a customer's VPN concentrator, an appliance that typically provides a secure way for people to access a network from outside the organization. The devices frequently require multiple forms of authentication before granting access to an end user. Passwords, previously set authentication cookies, and other types of security tokens are frequently used. That's where Heartbleed came in handy for the hackers, who went to work exploiting the bug less than a day after it became public knowledge. A separate researcher theorized such an attack was possible the same day.
We have received reports from many readers about buggy tools for testing for the Heartbleed vulnerability. Today I want to show you how easy it is to check for this vulnerability using a reliable tool such as nmap.
You just need to trigger a version scan (-sV) along with the script (ssl-heartbleed). The following example shows a command that will scan 192.168.0.107 for this bug:
nmap -sV 192.168.0.107 --script=ssl-heartbleed
This will be the output for a non-vulnerable website. As you can see, no warnings are shown:
If you are vulnerable, you will get the following:
For vulnerability testing, always use reliable tools that won't contain malicious code that infects your computer and won't give you false positives.
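As an added example (not part of the article above), the same scan written to XML with -oX can be parsed to list exactly which endpoints the ssl-heartbleed script flagged, which scales better than reading per-host screenshots when many hosts are scanned. The sample XML below is constructed; the structured elem key="state" layout and the vulns.showall script argument are assumptions about how nmap's vulns library reports results.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of "nmap -sV <hosts> --script=ssl-heartbleed -oX out.xml".
# Layout mirrors nmap's XML with the NSE vulns library's structured <elem key="state">
# (assumed here); the parser also falls back to the "State:" line in the text output.
# A NOT VULNERABLE entry only appears when vulns.showall is set; by default the
# script element is simply absent for a clean host, as in the article's "no warnings" case.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><address addr="192.168.0.107" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="443"><state state="open"/><service name="https"/>
      <script id="ssl-heartbleed" output="&#10;  VULNERABLE:&#10;    State: VULNERABLE&#10;    Risk factor: High">
        <table key="heartbleed"><elem key="state">VULNERABLE</elem></table>
  </script></port></ports></host>
  <host><address addr="192.168.0.108" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
    <port protocol="tcp" portid="8443"><state state="open"/><service name="https-alt"/>
      <script id="ssl-heartbleed" output="&#10;  NOT VULNERABLE&#10;    State: NOT VULNERABLE">
        <table key="heartbleed"><elem key="state">NOT VULNERABLE</elem></table>
  </script></port></ports></host>
</nmaprun>
"""

def script_state(script):
    """State reported by one <script> element: prefer the structured element,
    otherwise take it from the 'State:' line of the plain-text output."""
    elem = script.find(".//elem[@key='state']")
    if elem is not None and elem.text:
        return elem.text.strip()
    m = re.search(r"State:\s*([A-Z ]+)", script.get("output", ""))
    return m.group(1).strip() if m else "UNKNOWN"

def heartbleed_findings(xml_text):
    """Map 'ip:port' -> state for every port the ssl-heartbleed script reported on."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        for port in host.iter("port"):
            for script in port.findall("script[@id='ssl-heartbleed']"):
                findings[f"{addr.get('addr')}:{port.get('portid')}"] = script_state(script)
    return findings

def vulnerable_endpoints(xml_text):
    """Endpoints that need the OpenSSL upgrade plus key and certificate reissue."""
    return sorted(k for k, v in heartbleed_findings(xml_text).items() if v.startswith("VULNERABLE"))
```

Ports that the script did not report on are left out of the result, so an empty list from vulnerable_endpoints means no flagged endpoints, not that the scan failed; check the XML's host count separately.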
BP Crisis Manager Traded on Inside Oil Spill Info, SEC Says
NEW YORK (MainStreet) — Keith Seilhan must have had a lot on his mind in April 2010. He was an operations manager for BP America, and as oil gushed into the Gulf of Mexico after the explosion of the Deepwater Horizon drilling rig, Seilhan was made ...