The attackers exploited the security vulnerability in OpenSSL running in the clients SSL VPN concentrator to remotely access active sessions. Researchers guessed heartbleed had infected two-thirds of all Web servers, and researchers at Sucuri reported Friday that just 2 percent of the top 1 million websites on the Internet remain infected and all of the top 1,000 sites have been patched against the OpenSSL vulnerability but Mandiant tracks a scary new attack vector–VPN user sessions. But also on Friday, Mandiant researchers reported an attack they tracked beginning on April 8 in which an attacker “leveraged the Heartbleed vulnerability in a …continue reading
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post After 11days of Heartbleed pain in market, VPN is Still Vulnerable appeared first on National Cyber Security.
View full post on National Cyber Security