Hackers are taking advantage of the Heartbleed situation. Customers’ session tokens remain vulnerable allowing hackers to masquerade as a legitimate authenticated user.
“[With} an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated.” Shared Christopher Glyer, a technical director at Mandiant on the company’s blog.
Organizations running or had recently run vulnerable versions of remote access software should identify vulnerable spots and upgrade security as soon as possible, implement network intrusion detection signatures, and create VPN logs.
PYMNTS.com’s has been following Heartbleed Bug effect more than just software.
What’s Hot” is aggregated content. PYMNTS.com claims no responsibility for the accuracy of the content published by the original source.