What Is Heartbleed

Five years later, Heartbleed vulnerability still unpatched https://blog.malwarebytes.com/exploits-and-vulnerabilities/2019/09/everything-you-need-to-know-about-the-heartbleed-vulnerability/ 135 comments 12/12/2019 programming

OpenSSL after Heartbleed (LWN) http://lwn.net/articles/702751/ 4 comments 20/10/2016 linux

“VENOM” FUD Attack — Like “Heartbleed” FUD Attack — Linked to Microsoft http://techrights.org/2015/05/14/venom-heartbleed-microsoft/ 12 comments 17/5/2015 technology

New 'Bash' bug is deadlier than 'Heartbleed' http://timesofindia.indiatimes.com/tech/tech-news/new-bash-bug-is-deadlier-than-heartbleed/articleshow/43403571.cms 5 comments 25/9/2014 india

Heartbleed is the gift that keeps on giving as servers remain unpatched | Ars Technica http://arstechnica.com/security/2014/08/heartbleed-is-the-gift-that-keeps-on-giving-as-servers-remain-unpatched/ 15 comments 28/8/2014 sysadmin

Two months after Heartbleed, 51% of all l servers still unpatched and vulnerable to Heartbleed http://techgeekforever.com/2014/06/23/heartbleed-report/ 44 comments 23/6/2014 sysadmin

New Heartbleed attack hits Android devices and routers over Wi-Fi http://www.theverge.com/2014/5/29/5762496/new-heartbleed-attack-targets-android-devices-and-routers-over-wi-fi 12 comments 30/5/2014 technology

NSClient++ affected by Heartbleed Vulnerability http://www.nsclient.org/2014/05/20/heartbleed-status/ 4 comments 21/5/2014 sysadmin

Finding Heartbleed via static analysis "the right way" http://www.grammatech.com/blog/finding-heartbleed-with-codesonar 19 comments 3/5/2014 programming

Great Heartbleed scanner: CROWDSTRIKE http://www.crowdstrike.com/community-tools/ 4 comments 24/4/2014 sysadmin

Tech giants, chastened by Heartbleed, finally agree to fund OpenSSL | Ars Technica http://arstechnica.com/information-technology/2014/04/tech-giants-chastened-by-heartbleed-finally-agree-to-fund-openssl/ 5 comments 24/4/2014 crypto

Tor network’s ranks of relay servers cut because of Heartbleed bug | To preserve security of network, Tor Project rejects hundreds of unpatched relays. http://arstechnica.com/security/2014/04/tor-networks-ranks-of-relay-servers-cut-because-of-heartbleed-bug/ 7 comments 18/4/2014 technology

Canadian Computer Science student first to get arrested for exploiting Heartbleed http://arstechnica.com/tech-policy/2014/04/heartbleed-hacker-arrested-charged-in-connection-to-malicious-bug-exploit/ 3 comments 18/4/2014 technology

Guy mocks Heartbleed, posts passwords online, invites everyone to do their worst http://nakedsecurity.sophos.com/2014/04/17/guy-mocks-heartbleed-posts-passwords-online-invites-hackers-to-do-their-worst/ 3 comments 18/4/2014 technology

Here's How Apple Avoided Heartbleed http://www.fool.com/investing/general/2014/04/16/how-apple-avoided-heartbleed.aspx 4 comments 17/4/2014 apple

Canadian arrested for Heartbleed hacking http://www.aljazeera.com/news/americas/2014/04/canadian-arrested-heartbleed-hacking-201441714953794271.html 12 comments 17/4/2014 worldnews

RCMP charge 19-year-old Canadian man in connection to Heartbleed Bug breach http://windsor.ctvnews.ca/heartbleed-rcmp-charge-london-man-in-privacy-breach-at-cra-1.1778945 3 comments 16/4/2014 worldnews

Tests confirm Heartbleed bug can expose server's private key | PCWorld http://www.pcworld.com/article/2143080/tests-confirm-heartbleed-bug-can-expose-servers-private-key.html 5 comments 14/4/2014 technology

Canada Revenue Agency says 900 social insurance numbers stolen using Heartbleed bug http://www.montrealgazette.com/technology/Canada+Revenue+Agency+says+Social+Insurance+Numbers/9736505/story.html 6 comments 14/4/2014 sysadmin

900 SINs stolen from Revenue Canada via Heartbleed http://news.ca.msn.com/canada/900-sins-stolen-from-revenue-canada-via-heartbleed-1 52 comments 14/4/2014 worldnews

The Heartbleed Hit List: The Passwords You Need to Change Right Now http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-fb-main-link 1257 comments 12/4/2014 technology

Heartbleed, falla di sicurezza senza precedenti ferma Internet. Come difendersi. (Paolo Attivissimo) http://attivissimo.blogspot.it/2014/04/heartbleed-falla-di-sicurezza-senza.html 19 comments 12/4/2014 italy

DHS alert: Heartbleed may have been used against industrial control systems http://www.csmonitor.com/world/security-watch/cyber-conflict-monitor/2014/0411/dhs-alert-heartbleed-may-have-been-used-against-industrial-control-systems 8 comments 12/4/2014 technology

Cloudfare Challenged Solved - Heartbleed used to retrieve private security keys http://www.theverge.com/us-world/2014/4/11/5606524/hacker-successfully-uses-heartbleed-to-retrieve-private-security-keys 12 comments 12/4/2014 programming

NSA Said to Exploit Heartbleed Bug for Intelligence for Years http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html 26 comments 11/4/2014 sysadmin

Apple says iOS, OS X, iTunes and iCloud not affected by Heartbleed OpenSSL bug http://gadgets.ndtv.com/internet/news/apple-says-ios-os-x-itunes-and-icloud-not-affected-by-heartbleed-openssl-bug-507234 15 comments 11/4/2014 apple

Preventing heartbleed bugs with safe programming languages http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bugs-with-safe-languages.html 29 comments 11/4/2014 programming

Heartbleed: don't rush to update passwords, security experts warn | Tech | The Guardian http://www.theguardian.com/technology/2014/apr/09/heartbleed-dont-rush-to-update-passwords-security-experts-warn 23 comments 11/4/2014 technology

How does the heartbleed attack work? - Everything you need to know about the Heartbleed Bug http://www.vox.com/cards/heartbleed/how-does-the-heartbleed-attack-work 51 comments 10/4/2014 technology

Has the NSA Been Using the Heartbleed Bug as an Internet Peephole? http://www.wired.com/2014/04/nsa-heartbleed/ 44 comments 10/4/2014 privacy

Heartbleed should bleed X.509 to death http://lorddoig.svbtle.com/heartbleed-should-bleed-x509-to-death 32 comments 9/4/2014 crypto

Security Expert: On A Scale Of 1 To 10, The Heartbleed Bug Affecting Almost Everyone Online Is An 11 http://www.businessinsider.com/schneier-heartbleed-security-flaw-2014-4?utm_source=mobilesrepublic&utm_medium=referral&utm_term=mobilesrepublic 56 comments 9/4/2014 technology

About 17% / 500 million of websites affected by "heartbleed" bug http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html 141 comments 9/4/2014 technology

Heartbleed mitigation with iptables - block all hearbeats (should be a temporary fix only!) CVE-2014-0160 (xpost /r/netsec) http://www.securityfocus.com/archive/1/531779/30/0/threaded 9 comments 9/4/2014 linux

Heartbleed mitigation with iptables - block all hearbeats (should be a temporary fix only!) CVE-2014-0160 (xpost /r/netsec) http://www.securityfocus.com/archive/1/531779/30/0/threaded 9 comments 9/4/2014 sysadmin

Heartbleed Bug: Change your passwords http://time.com/55037/heartbleed-internet-security-encryption-risk/ 11 comments 9/4/2014 worldnews

Heartbleed Hotel: The biggest Internet fuckup of all time http://lostechies.com/bradcarleton/2014/04/09/heartbleed-hotel-the-biggest-internet-fuckup-of-all-time/ 16 comments 9/4/2014 webdev

'Heartbleed bug' puts Web security at risk http://www.latimes.com/business/la-fi-web-vulnerability-20140409,0,3935723.story 3 comments 9/4/2014 worldnews

How we patched Heartbleed for 60,000+ sites in 12 hours https://www.getpantheon.com/heartbleed-fix 18 comments 8/4/2014 linux

The Heartbleed Bug - OpenSSL is vulnerable, time to upgrade and create new keys http://heartbleed.com/ 87 comments 7/4/2014 linux