Trade Law Daily is a Warren News publication.

Organizations using “remote access software or appliances” susceptible...

Organizations using “remote access software or appliances” susceptible to the Heartbleed bug should “identify infrastructure affected by the vulnerability and upgrade it as soon as possible,” said security provider Mandiant in a blog post (http://bit.ly/1tinjDV) Friday. Heartbleed is the recently discovered security glitch in Secure Sockets Layer (SSL), which affects OpenSSL, a cryptographic software library used to secure websites using HTTPS encryption to protect data (CD April 11 p13). Organizations and businesses with vulnerabilities to Heartbleed should “implement network intrusion detection signatures to identify repeated attempts to leverage the vulnerability,” it said. “In our experience, an attacker will likely send hundreds of attempts because the vulnerability only exposes up to 64KB of data from a random section of memory,” it said. Historical reviews of virtual private networks should be performed to “identify instances where the IP address of a session changed repeatedly between two IP addresses,” it said. “It is common for an IP address to legitimately change during a session, but from our analysis it is fairly uncommon for the IP address to repeatedly change back and forth between IP addresses that are in different network blocks, geographic locations, from different service providers, or rapidly within a short time period,” it said.
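The historical VPN review described above can be run as a script over exported session logs. The following is an added example, not code from Mandiant or from this article; the log layout (timestamp, session ID, user, source IP), the /24 notion of "network block", and the thresholds of three returns within ten minutes are all assumptions to tune for a real environment.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample VPN log (not real data): timestamp, session, user, source IP.
SAMPLE_LOG = """\
2014-04-08T10:00:00 sess-a alice 198.51.100.10
2014-04-08T10:00:40 sess-a alice 203.0.113.77
2014-04-08T10:01:10 sess-a alice 198.51.100.10
2014-04-08T10:01:50 sess-a alice 203.0.113.77
2014-04-08T10:02:20 sess-a alice 198.51.100.10
2014-04-08T09:00:00 sess-b bob 192.0.2.15
2014-04-08T09:01:00 sess-b bob 192.0.2.99
2014-04-08T09:02:00 sess-b bob 192.0.2.15
2014-04-08T09:03:00 sess-b bob 192.0.2.99
2014-04-08T09:04:00 sess-b bob 192.0.2.15
2014-04-08T12:00:00 sess-c carol 198.51.100.20
2014-04-08T12:05:00 sess-c carol 203.0.113.5
"""

def block(ip, prefix=24):
    """Network block containing ip (assumed /24 granularity, IPv4 only)."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def flip_flop_sessions(log_text, min_returns=3, window=timedelta(minutes=10)):
    """Return {session: (user, ip_a, ip_b)} for sessions whose source address
    bounces back and forth between two addresses in different blocks."""
    events = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        ts, session, user, ip = line.split()
        events[session].append((datetime.fromisoformat(ts), user, ip))
    flagged = {}
    for session, rows in events.items():
        rows.sort()
        # Keep only the moments the source address actually changed.
        changes = [r for i, r in enumerate(rows) if i == 0 or r[2] != rows[i - 1][2]]
        returns = defaultdict(list)  # (ip_a, ip_b) -> times the session came back
        for prev2, prev, cur in zip(changes, changes[1:], changes[2:]):
            if cur[2] == prev2[2] and block(cur[2]) != block(prev[2]):
                returns[tuple(sorted((cur[2], prev[2])))].append(cur[0])
        for pair, times in returns.items():
            if any(times[i + min_returns - 1] - times[i] <= window
                   for i in range(len(times) - min_returns + 1)):
                flagged[session] = (rows[0][1], *pair)
    return flagged

if __name__ == "__main__":
    for session, (user, a, b) in flip_flop_sessions(SAMPLE_LOG).items():
        print(f"{session} user={user} alternates between {a} and {b}")
```

In the constructed data only `sess-a` is reported: `sess-b` alternates inside one /24 and `sess-c` changes address once, which matches the legitimate mid-session change the quoted analysis calls common.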