OpenSSL ‘heartbleed’ bug live blog

A bug has been identified in OpenSSL, all details can be found at heartbleed.com. The bug has been assigned CVE-2014-0160. OpenSSL versions 1.0.1 – 1.0.1f are vulnerable. We advise to upgrade OpenSSL to version 1.0.1g or higher Test if you are vulnerable You can test if you are vulnerable by requesting a heartbeat response with … Continue reading OpenSSL ‘heartbleed’ bug live blog

Oracle getting serious about Java

Recently, Oracle released new a version of Java with a difference. Java/1.7.0_13 is the latest version. Its increased the default security from ‘Medium’ to ‘High’, which restricts execution of unsigned applets. It also introduced a new warning to people executing Java code which checks if Java is using the latest version. You might notice the … Continue reading Oracle getting serious about Java

Demystifying Pobelka

A technical intelligence report on the Pobelka botnet operation. January 11, 2013 This technical report describes the Pobelka botnet and puts it in the context of global malware operations. Fox-IT’s InTELL unit provides reports like this on a continuous basis to customers in the financial sector so they know who’s targeting their online banking systems … Continue reading Demystifying Pobelka