LevelBlue Blog

Heartbleed is a vulnerability with a CVSS score of only 5.0/10. As of this morning we have observed 840 breaches related to the Heartbleed vulnerability, CVE-2014-0160. More than enough has been said about the technical details of the vulnerability; hence I’d like to use this post to discuss the vulnerability management implications of Heartbleed, because they are both alarming… Read more →

Heartbleed is not an exploit you want to ignore as an IT professional. It exposes passwords and cryptographic keys, and requires not only that you patch OpenSSL for each of the services using the OpenSSL library, but also that you replace the private keys and certificates so that attackers won’t be able to use any of the data… Read more →