Rewterz Threat Advisory – The Heartbleed Bug in OpenSSL

April 9, 2014

A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extension. This may allow an attacker to decrypt traffic or perform other attacks. OpenSSL version 1.0.1g resolves this vulnerability. The 1.0.0 and 0.9.8 branches are not vulnerable.

Rewterz recommends users and administrators see the Heartbleed website for more details. Exploit code for this vulnerability is publicly available. Any service that supports STARTLS (imap,smtp,http,pop) may also be affected.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

ATM Skimming

Rewterz Releases Monthly Threat Intelligence Report on Attacks Targeting Pakistan’s Cyber Space

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.