The funkily-named bug of the week is GHOST. Here’s how it got its name, why there’s a problem, and what you can do about it…
Tag Archives: buffer overflow
SSCC 173 – Lest we forget [PODCAST]
Here’s the latest episode of our weekly “Chet Chat” security podast. Chet and Duck take on the week’s news in their inimitable way…enjoy!
Cisco warns of big remote management hole in tiny routers
Even little routers can have giant holes, as Cisco warns in a just-published security advisory.
SSCC 156 – Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]
Sophos experts Chester Wisniewski and Paul Ducklin are back with this week’s security podcast, turning plain old news into advice you can use.
LibreSSL ships first portable version, now up to 48% less huge!
LibreSSL, OpenBSD’s drop-in replacement for OpenSSL started after the pain of Heartbleed, has just published its first “portable” version. If you’re a coder and you’re interested in security, why not try it and see what you think?
Anatomy of a buffer overflow – Google’s “KeyStore” security module for Android
Here’s a cautionary tale about a bug, courtesy of IBM. Not that IBM had the bug, just to be clear: Google had the bug, and IBM researchers spotted it.
Move over Heartbleed – here comes another SSL/TLS bug
Which widely used open source SSL/TLS cryptographic library just recently fixed a critical bug caused by a buffer overflow? (Hint. The software isn’t OpenSSL and the vulnerability isn’t Heartbleed.)
Linux “got root” kernel bug patched after five years at large
Here’s a kernel bug in Linux that turned out to have been sitting there, Heartbleed style, awaiting discovery and exploitation for several years. Paul Ducklin digs in…
