Heartbleed keeps bleeding

By  |  April 24, 2014
 | 

Hackers are taking advantage of the Heartbleed situation. Customers’ session tokens remain vulnerable allowing hackers to masquerade as a legitimate authenticated user.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

     

    “[With} an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated.” Shared Christopher Glyer, a technical director at Mandiant on the company’s blog.

     

    Organizations running or had recently run vulnerable versions of remote access software should identify vulnerable spots and upgrade security as soon as possible, implement network intrusion detection signatures, and create VPN logs.

     

    PYMNTS.com’s has been following Heartbleed Bug effect more than just software.

     

    What’s Hot” is aggregated content. PYMNTS.com claims no responsibility for the accuracy of the content published by the original source.


    See More In: