Dan Kaminsky

Type: Person
Name: Dan Kaminsky
First reported 9 hours ago - Updated 9 hours ago - 1 reports

Heartbleed’s grim lesson: America’s cybersecurity is a joke

This originally appeared on ProPublica. The Heartbleed computer security bug is many things: a catastrophic In a typical year, the foundation that supports OpenSSL receives just . The programmers have to rely on consulting gigs to pay for their work. ... [Published Salon - 9 hours ago]
First reported Apr 15 2014 - Updated Apr 15 2014 - 1 reports

First 'Heartbleed' bug attacks recorded

Hackers have started exploiting the ‘Heartbleed’ bug as Canada's tax-collection agency and Mumsnet admit to a breaches.The Canada Revenue Agency said private information of about 900 people had been compromised as hackers exploited the vulnerability, ... [Published Engineering and Technology Magazine - Apr 15 2014]
First reported Apr 14 2014 - Updated Apr 15 2014 - 1 reports

UPDATE 1-'Heartbleed' blamed in attack on Canada tax agency, more expected

10:01pm BST(Adds comments from security expert, results of Pew survey)By Jim Finkle and Louise EganBOSTON/OTTAWA, April 14 (Reuters) - Canada's tax-collection agency said on Monday that the private information of about 900 people had been compromised ... [Published Reuters UK - Apr 14 2014]
First reported Apr 14 2014 - Updated Apr 14 2014 - 1 reports

Cloud puts today’s data centers at risk

Security processes in data centers need to be tightened up, Palo Alto Networks has warned, as virtualization and the Cloud create more vulnerabilities that can be quickly exploited in the time lag between creating virtual networks and imposing security ... [Published Datacenter Dynamics - Apr 14 2014]
First reported Apr 11 2014 - Updated Apr 12 2014 - 1 reports

NSA Allegedly Exploited Heartbleed

squiggleslash writes: "One question arose almost immediately upon the exposure of Heartbleed, the now-infamous OpenSSL exploit that can leak confidential information and even private keys to the Internet: Did the NSA know about it, and did they exploit ... [Published Slashdot - Apr 11 2014]
First reported Apr 12 2014 - Updated Apr 12 2014 - 1 reports

Weekend linkings

Infrastructure Robert McMillan in Wired : How Heartbleed Broke the Internet — And Why It Can Happen Again Dan Kaminsky : Be still my breaking heart (also on Heartbleed ) Connectivity Infrastructure (a piece I wrote for Linux Journal in 2002 ... [Published Doc Searls Weblog - Apr 12 2014]
First reported Apr 12 2014 - Updated Apr 12 2014 - 1 reports

CloudFlare keys snatched using Heartbleed

The two winners are Fedor Indutny and Illkka Mattila. Indutny, who succeeded first, made 2.5 million Heartbleed requests over the course of the day and Mattila made 100,000.CloudFlare rebooted the server at one point during the test which they say may ... [Published ZDNet - Apr 12 2014]
First reported Apr 11 2014 - Updated Apr 12 2014 - 1 reports

More on Heartbleed

This is an update to my earlier post. Cloudflare is reporting that its very difficult, if not practically impossible, to steal SSL private keys with this attack. Here's the good news: after extensive testing on our software stack, we have been unable ... [Published Schneier on Security - Apr 11 2014]
First reported Apr 11 2014 - Updated Apr 11 2014 - 1 reports

Yet Unother heartbleed Perspective (YUhP)

With so many people talking about heartbleed and offering their insights (e.g. excellent posts from Bruce Schneier and Dan Kaminsky) I could not help but add my own. That is not entirely true. I was happy to let others more qualified to field questio ... [Published Security Bloggers Network - Apr 11 2014]
First reported Apr 10 2014 - Updated Apr 11 2014 - 1 reports

More Than A Half-Million Servers Exposed To Heartbleed Flaw

The newly exposed Heartbleed bug plaguing some 17 percent of SSL-secured websites as well as various VPN products has caused a massive case of Internet heartburn over the past 48 hours as companies rushed to confirm their exposure and lock down their ... [Published Insurance and Technology - Apr 10 2014]
First reported Apr 11 2014 - Updated Apr 11 2014 - 1 reports

Heartbleed Will Go On Even After The Updates

The fallout from likely will be felt for a long time, but the immediate and urgent questions top of mind are which sites and products are affected, and which have been fixed. Then what? The scary reality is that even after a site or product is patched ... [Published Insurance and Technology - Apr 11 2014]
First reported Apr 10 2014 - Updated Apr 11 2014 - 2 reports

Heartbleed: A Bug With A Past and A Future

Bruce Schneier stood on the Source Boston keynote stage yesterday and used the word “ginormous” to describe the severity of the OpenSSL heartbleed bug . “My guess is that when heartbleed became public, the top 20 governments in the world started ... [Published threatpost - The First Stop for Security News - Apr 10 2014]

Quotes

"It's not like every hacker in the world has said 'We have this new toy and it gets us in everywhere,'" said Kaminsky. "they still have their old toys. their old toys work a heck of a lot better."

More Content

All (32) | News (22) | Reports (0) | Blogs (10) | Audio/Video (0) | Fact Sheets (0) | Press Releases (0)
sort by: Date | Relevance
Heartbleed’s grim lesson: America’s cybersecuri... [Published Salon - 9 hours ago]
The U.S. Government: Paying to Undermine Intern... [Published ProPublica: Articles and Investigations - Apr 15 2014]
First 'Heartbleed' bug attacks recorded [Published Engineering and Technology Magazine - Apr 15 2014]
UPDATE 1-'Heartbleed' blamed in attack on Canad... [Published Reuters UK - Apr 14 2014]
Cloud puts today’s data centers at risk [Published Datacenter Dynamics - Apr 14 2014]
Weekend linkings [Published Doc Searls Weblog - Apr 12 2014]
CloudFlare keys snatched using Heartbleed [Published ZDNet - Apr 12 2014]
NSA Allegedly Exploited Heartbleed [Published Slashdot - Apr 11 2014]
Yet Unother heartbleed Perspective (YUhP) [Published Security Bloggers Network - Apr 11 2014]
More on Heartbleed [Published Schneier on Security - Apr 11 2014]
Heartbleed Will Go On Even After The Updates [Published Insurance and Technology - Apr 11 2014]
Heartbleed: A Bug With A Past and A Future [Published threatpost - The First Stop for Security News - Apr 10 2014]
What Have We Learned: OpenSSL Heartbleed Bug [Published threatpost - The First Stop for Security News - Apr 10 2014]
More Than A Half-Million Servers Exposed To Hea... [Published Insurance and Technology - Apr 10 2014]
How Quickly Will the Web Bandage the Heartbleed... [Published Bloomberg - Apr 10 2014]
What programs are "critical infrastructure"? [Published ZDNet - Apr 09 2014]
Palo Alto Ignite: bringing some discipline to b... [Published Microscope - Apr 08 2014]
Consumers are souring on Web, post-NSA, survey ... [Published USA Today - Apr 02 2014]
auDA reveals timing for DNSSEC rollout [Published Computerworld Australia - Mar 26 2014]
Secure Domain Foundation Targets Domain-Based S... [Published TechWeekEurope UK - Mar 25 2014]
Secure Domain Foundation Debuts to Fight Intern... [Published eWeek - Mar 25 2014]
Empire man pleads not guilty in child sex assau... [Published Reporter - Mar 15 2014]
Pinnacle Agriculture Holdings acquires two reta... [Published AgProfessional - Mar 14 2014]
Bitcoin, Meet Darwin: Crypto Currency's Future [Published Information Week - Mar 12 2014]
FDL man accused of child sex assault pleads not... [Published Reporter - Feb 22 2014]
Antivirus Software: No Match For Potential Cybe... [Published WebProNews - Feb 14 2014]
Antivirus Software: No Match For Potential Cybe... [Published WebProNews Feed - Feb 13 2014]
White Ops CEO Michael Tiffany to Present at IAB... [Published Marketwire - Breaking News Releases - Feb 10 2014]
Why Target’s Security Breach Was Bound To Happen [Published Think Progress - Dec 23 2013]
A Security Comparison: Microsoft Office vs. Ora... [Published CERT/CC Blog - Dec 19 2013]
1 2
In Focus
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Content Volume
Document Volume
Network
Network

Blogs

sort by: Date | Relevance
Weekend linkings [Published Doc Searls Weblog - Apr 12 2014]
Infrastructure Robert McMillan in Wired : How Heartbleed Broke the Internet — And Why It Can Happen Again Dan Kaminsky : Be still my breaking heart (also on Heartbleed ) Connectivity Infrastructure (a piece I wrote for Linux Journal in 2002 ...
Yet Unother heartbleed Perspective (YUhP) [Published Security Bloggers Network - Apr 11 2014]
With so many people talking about heartbleed and offering their insights (e.g. excellent posts from Bruce Schneier and Dan Kaminsky) I could not help but add my own. That is not entirely true. I was happy to let others more qualified to field questio ...
More on Heartbleed [Published Schneier on Security - Apr 11 2014]
This is an update to my earlier post. Cloudflare is reporting that its very difficult, if not practically impossible, to steal SSL private keys with this attack. Here's the good news: after extensive testing on our software stack, we have been unable ...
Heartbleed: A Bug With A Past and A Future [Published threatpost - The First Stop for Security News - Apr 10 2014]
Bruce Schneier stood on the Source Boston keynote stage yesterday and used the word “ginormous” to describe the severity of the OpenSSL heartbleed bug . “My guess is that when heartbleed became public, the top 20 governments in the world started ...
What Have We Learned: OpenSSL Heartbleed Bug [Published threatpost - The First Stop for Security News - Apr 10 2014]
There’s nothing the Internet loves more than a fat, juicy story that it can sink its sharpened, yellowing canines into. And for the security community, the OpenSSL heartbleed vulnerability has been the equivalent of a 72-ounce steak . But an Internet-breaking ...
1 2
Contact Us
Sales
Support


Freebase CC-BY Some image thumbnails are sourced from Freebase, licensed under CC-BY

Copyright (C) 2014 Silobreaker Ltd. All rights reserved.
The selection and placement of stories and images on any Silobreaker page are determined automatically by a computer program.
The time or date displayed reflects when an article was added to or updated in Silobreaker.