Security researchers have found new bugs in the Web encryption software that caused the malicious “Heartbleed” cyber threat. Experts say that the new vulnerabilities in OpenSSL, would allow hackers to spy on communications, is not as serious a threat as "Heartbleed."
The new bugs were discovered by the group which released an OpenSSL update that contains seven security fixes. Experts say that websites and technology firms that use OpenSSL technology should install the update on their systems as quickly as possible, but first the companies need to test their systems to make sure that they are compatible with the update.
"They are going to have to patch. This will take some time," said Lee Weiner, senior vice president with cyber security software maker Rapid7.
OpenSSL technology is used by major tech giants including Amazon.com Inc, Yahoo Inc, Facebook Inc and Google Inc. Thousands of technology products from companies, including Cisco Systems Inc, HP, IBM, Intel Corp and Oracle Corp also use the OpenSSL technology.
The "Heartbleed" bug surfaced in April and was used by cyber hackers to steal large quantities of data without leaving a trace. The bug allows attackers to gain access to users passwords and fool them by using fake versions of websites. A recent report from Portuguese security researcher Luis Grangeia says that the heartbleed bug is being used over Wi-Fi to enable new kinds of attacks. The new line of attack called Cupid attacks Android devices running v4.1.
Other Popular Deals
- 10 websites and applications you must know about8 music streaming services worth trying out
- 6 ways to start learning Microsoft AzureHow to improve your Firefox browsing experience
- The 12 most hilarious YouTube channels10 Microsoft Big Data Success Stories
- 15 must have chrome extensions15 apps and websites to accomplish everyday tasks
- 10 YouTube sci-tech channels every geek should follow10 reasons to trust Azure with your data