Bug Discovered in OpenSSL, puts Encrypted Internet Data at Risk
Neel Mehta of Google's security team has discovered and publicly disclosed a bug, known as "Heartbleed," in OpenSSL, an encrypted library used to secure a large percentage of the Internet's traffic. The bug allows any system running OpenSSL to be tricked into revealing chunks of data in system memory, including keys used for encryption of information like usernames, credit card numbers, etc. It appears the bug has been in OpenSSL for over two years and that exploitation of the bug leaves no trace. In response, OpenSSL has released an emergency patch for the bug.
Click here to read more about "Bug Discovered in OpenSSL, puts Encrypted Internet Data at Risk" at TechCrunch News