Accuvant releases paper to help organizations defend against Heartbleed Bug security risk

By: InnovatioNews Thursday April 10, 2014 0 comments Tags: Accuvant, Denver, Heartbleed Bug

DENVER - Accuvant, a provider of information security, announced it has released a new paper with recommendations on how to address the recently discovered Heartbleed Bug, a serious Internet security vulnerability that could put personal information such as passwords, credit card information and emails at risk.

Accuvant said the Heartbleed Bug is a vulnerability with the OpenSSL cryptographic library (CVE-2014-0160) used to encrypt communications between Web applications, email exchanges, instant messaging and some SSL-based virtual private network connections.

The potential danger occurs because the vulnerable software packages do not properly handle Heartbeat Extension packets, Accuvant said.

The Accuvant paper provides organizations with information on the Heartbleed Bug that includes a list of products and applications that may be affected; guidance on how organizations can determine their vulnerability; details on the impact the vulnerability could have on an organization; and recommendations on how to address the vulnerability.