Export Compliance Daily is a Warren News publication.

Organizations using “remote access software or appliances” susceptible...

Organizations using “remote access software or appliances” susceptible to the Heartbleed bug should “identify infrastructure affected by the vulnerability and upgrade it as soon as possible,” said security provider Mandiant in a blog post (http://bit.ly/1tinjDV) Friday. Heartbleed is the recently discovered security glitch in Secure Sockets Layer (SSL), which affects OpenSSL, a cryptographic software library used to secure websites using HTTPS encryption to protect data (CD April 11 p13). Organizations and businesses with vulnerabilities to Heartbleed should “implement network intrusion detection signatures to identify repeated attempts to leverage the vulnerability,” it said. “In our experience, an attacker will likely send hundreds of attempts because the vulnerability only exposes up to 64KB of data from a random section of memory,” it said. Historical reviews of virtual private networks should be performed to “identify instances where the IP address of a session changed repeatedly between two IP addresses,” it said. “It is common for an IP address to legitimately change during a session, but from our analysis it is fairly uncommon for the IP address to repeatedly change back and forth between IP addresses that are in different network blocks, geographic locations, from different service providers, or rapidly within a short time period,” it said.
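The historical VPN review described above can be sketched as a log query; this is an added example, not code from Mandiant or this publication. The log format, the /16 test for "different network blocks", the 10-minute window and the two-reversal threshold are all assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format): timestamp, session id, client IP.
SAMPLE_LOG = """\
2014-04-08T10:00:00 sess-a 198.51.100.10
2014-04-08T10:00:40 sess-a 203.0.113.77
2014-04-08T10:01:10 sess-a 198.51.100.10
2014-04-08T10:01:50 sess-a 203.0.113.77
2014-04-08T10:02:20 sess-a 198.51.100.10
2014-04-08T09:00:00 sess-b 192.0.2.15
2014-04-08T09:01:00 sess-b 192.0.2.200
2014-04-08T09:02:00 sess-b 192.0.2.15
2014-04-08T08:00:00 sess-c 198.51.100.5
2014-04-08T12:00:00 sess-c 203.0.113.9
"""

def parse(log_text):
    """Group (time, ip) events by session id, ordered by time."""
    sessions = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        ts, sid, ip = line.split()
        sessions[sid].append((datetime.fromisoformat(ts), ipaddress.ip_address(ip)))
    return {sid: sorted(ev, key=lambda e: e[0]) for sid, ev in sessions.items()}

def same_block(a, b, prefix=16):
    """Assumption: 'different network blocks' means different IPv4 /16s."""
    return b in ipaddress.ip_network(f"{a}/{prefix}", strict=False)

def flip_flops(events, window=timedelta(minutes=10)):
    """Count A -> B -> A reversals across blocks completed within `window`."""
    changes = [events[0]]
    for ts, ip in events[1:]:
        if ip != changes[-1][1]:  # keep only actual address changes
            changes.append((ts, ip))
    count = 0
    for (t0, a), (_, b), (t2, c) in zip(changes, changes[1:], changes[2:]):
        if a == c and not same_block(a, b) and t2 - t0 <= window:
            count += 1
    return count

def suspicious_sessions(log_text, min_flips=2):
    """Sessions with at least `min_flips` reversals (threshold is an assumption)."""
    counts = {sid: flip_flops(ev) for sid, ev in parse(log_text).items()}
    return {sid: n for sid, n in counts.items() if n >= min_flips}

if __name__ == "__main__":
    print(suspicious_sessions(SAMPLE_LOG))  # sessions worth an analyst's review
```

A single move between networks (sess-c) and repeated changes inside one block (sess-b) are not flagged; only the rapid back-and-forth across blocks (sess-a) is.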