Communications Daily is a Warren News publication.

Organizations using “remote access software or appliances” susceptible...

Organizations using “remote access software or appliances” susceptible to the Heartbleed bug should “identify infrastructure affected by the vulnerability and upgrade it as soon as possible,” said security provider Mandiant in a blog post (http://bit.ly/1tinjDV) Friday. Heartbleed is the recently discovered security glitch in Secure Sockets Layer (SSL), which affects OpenSSL, a cryptographic software library used to secure websites using HTTPS encryption to protect data (CD April 11 p13). Organizations and businesses with vulnerabilities to Heartbleed should “implement network intrusion detection signatures to identify repeated attempts to leverage the vulnerability,” it said. “In our experience, an attacker will likely send hundreds of attempts because the vulnerability only exposes up to 64KB of data from a random section of memory,” it said. Historical reviews of virtual private networks should be performed to “identify instances where the IP address of a session changed repeatedly between two IP addresses,” it said. “It is common for an IP address to legitimately change during a session, but from our analysis it is fairly uncommon for the IP address to repeatedly change back and forth between IP addresses that are in different network blocks, geographic locations, from different service providers, or rapidly within a short time period,” it said.
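The historical VPN review described above can be sketched as a log query. This is an added example, not code from Mandiant or from this publication; the log format, the /24 grouping used as a stand-in for "different network blocks", the thresholds and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample VPN log: timestamp, session id, source IP (documentation ranges).
SAMPLE_LOG = """\
2014-04-18T09:00:05 sess-a1 198.51.100.23
2014-04-18T09:00:41 sess-a1 203.0.113.77
2014-04-18T09:01:02 sess-a1 198.51.100.23
2014-04-18T09:01:30 sess-a1 203.0.113.77
2014-04-18T09:02:11 sess-a1 198.51.100.23
2014-04-18T09:00:10 sess-b2 192.0.2.10
2014-04-18T11:45:00 sess-b2 192.0.2.14
2014-04-18T09:03:00 sess-c3 192.0.2.50
2014-04-18T13:20:00 sess-c3 198.51.100.9
"""

def network_block(ip, prefix=24):
    """Collapse an address to its enclosing block (the prefix length is an assumption)."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def flapping_sessions(log_text, min_returns=2, window=timedelta(minutes=10)):
    """Return {session: returns} for sessions whose source block goes A -> B -> A
    at least min_returns times, each round trip completing within `window`."""
    events = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        ts, session, ip = line.split()
        events[session].append((datetime.fromisoformat(ts), network_block(ip)))
    flagged = {}
    for session, rows in events.items():
        rows.sort(key=lambda row: row[0])
        # Keep only the records where the source block actually changed.
        changes = [rows[0]]
        for row in rows[1:]:
            if row[1] != changes[-1][1]:
                changes.append(row)
        # A "return" is a change back to the block seen two changes earlier.
        returns = sum(
            1 for i in range(2, len(changes))
            if changes[i][1] == changes[i - 2][1]
            and changes[i][0] - changes[i - 2][0] <= window
        )
        if returns >= min_returns:
            flagged[session] = returns
    return flagged

if __name__ == "__main__":
    for session, count in flapping_sessions(SAMPLE_LOG).items():
        print(f"{session}: source address returned to a previous block {count} times")
```

A single move to a new block (sess-c3) or a change within one block (sess-b2) is not flagged, matching the distinction the post draws between legitimate address changes and repeated back-and-forth switching.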