Google is dropping OpenSSL in its newest Chrome beta, in favor of its own forked version called BoringSSL. According to them, this should offer a more streamlined and secure experience for users.
A new report has indicated that there are still over 300,000 unprotected servers running out-of-date versions of OpenSSL that is vulnerable to the critical Heartbleed bug from nearly two months ago.
Another newly discovered bug in OpenSSL opens up the potential for an attacker to read and steal your information without you being able to detect it, but it's still nowhere near as bad as Heartbleed.
Two separate estimates show that around half of the servers previously affected by HeartBleed are still susceptible. The estimates show around 318,239, or 2.33% of all servers are still vulnerable.
Microsoft is among the members of a new group called the Core Infrastructure Initiative which has been formed by the Linux Foundation to make sure OpenSSL issues such as Heartbleed don't happen again.
The "Heartbleed" OpenSSL exploit has led the U.S. government's Healthcare.gov site to require its users to change their passwords, saying that the decision was made "out of an abundance of caution."
CRA Commissioner Andrew Treusch stated that over a period of six hours, the Social Insurance Numbers of around 900 people were removed from CRA computer systems.
The National Security Agency is denying a report from Bloomberg that it was aware of the "Heartbleed" OpenSSL exploit for some time and used it to spy on others.
Microsoft has issued a statement saying their many online services and products like Skype, Office 365, Microsoft Azure, Yammer and others are not affected by the "Heartbleed" OpenSSL issue.
A new report has detailed a serious zero-day security vulnerability called "Heartbleed" affecting the OpenSSL cryptographic library caused due to a programming error and a fix is being worked on.