OpenSSL
Cisco 2014 Midyear Security Report: Brush Your Teeth, Change Your Passwords, Update Your Software
Listening to the radio on the way to work recently, I heard that hackers had stolen some 1.2 billion usernames and passwords, affecting as many as 420,000 websites. When asked what listeners could do to protect themselves, the security expert speaking recommended changing passwords. He did not menti…
New Standards May Reduce Heartburn Caused by the Next Heartbleed
Ed Paradise, Vice President of Engineering for Cisco’s Threat Response, Intelligence and Development Group Much has been made of the industry-wide Heartbleed vulnerability and its potential exploitation. Cisco was among the first companies to release a customer Security Advisory when the vulnerabili…
Cisco, Linux Foundation, and OpenSSL
The recent OpenSSL Heartbleed vulnerability has shown that technology leaders must work together to secure the Internet’s critical infrastructure. That’s why Cisco is proud to be a founding supporter of the Linux Foundation initiative announced yesterday (April 24th). The initiative will fund open s…
OpenSSL Heartbleed vulnerability CVE-2014-0160 – Cisco products and mitigations
*** UPDATED 15-April 2014 *** By now, almost everyone has heard of the OpenSSL Heartbleed vulnerability with CVE id CVE-2014-0160. The vulnerability has to do with the implementation of the TLS heartbeat extension (RFC6520) and could allow secret key or private information leakage in TLS encrypted…