New widespread Internet bug could be more dangerous than Heartbleed

Zach Epstein

June 6, 2014 at 9:40 AM

How to move quickly on a slow Internet connection

There is nowhere to hide. Just two months following the discovery of Heartbleed, the massive OpenSSL bug that affected two-thirds of the entire Internet at the time it was revealed, a new OpenSSL bug has been uncovered that could be even more dangerous. Led by Masashi Kikuchi, security researchers at Japan-based Lepidum shared their discovery on Thursday, noting that this newly revealed vulnerability in OpenSSL has existed for more than 15 years.

According to a report from The Guardian, nefarious hackers using this vulnerability could intercept sensitive data from a target’s computer while connected to the same network. A hacker on a public Wi-Fi network, for example, could use the OpenSSL bug to intercept usernames, passwords and credit card data from other people on the network. Hackers can even alter the data sent and received by other computers on the network using this flaw.

This newest security hole “may be more dangerous than Heartbleed” because it can be used to actively spy on people, Lepidum security researcher Tatsuya Hayashi told The Guardian.

“Under the public Wi-Fi network situations, attackers can very easily eavesdrop and make falsifications on encrypted communications,” Hayashi said. “Victims cannot detect any trace of the attacks.”

The new vulnerability exists in all builds of OpenSSL prior to versions OpenSSL 1.0.1 and 1.0.2 beta. Computers, tablets and mobile phones are all currently at risk as a result.

This article was originally published on BGR.com

News

Life

Entertainment

Finance

Sports

New on Yahoo

New widespread Internet bug could be more dangerous than Heartbleed

Recommended Stories

Former NBA guard Darius Morris dies at 33

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

The FDIC change that leaves wealthy bank depositors with less protection

Former House Speaker Paul Ryan says he’s not voting for Trump : 'Character is too important'

Ranking the best situations for the rookie quarterbacks: Start with Michael Penix in Atlanta at No. 1

Phil Mickelson on the majors: 'What if none of the LIV players played?'

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

Heat's Pat Riley unhappy with Jimmy Butler's remarks on Celtics and Knicks, implies he needs to play more

NBA playoffs: Officials admit they flubbed critical kick-ball call in controversial final minute of Pacers-Knicks

Social Security just passed Medicare as the government's most pressing insolvency risk

No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it

The Scorecard: Andy Pages looks set to go down as one of the best fantasy baseball waiver wire pickups of 2024

Dwayne Johnson is difficult to work with, report claims. The star has 'mountains of public goodwill' to offset negativity, expert says.

Ex-Ole Miss QB and Denver Broncos draft pick Chad Kelly suspended at least nine games by CFL

NBA playoffs: Predictions for Celtics-Cavaliers and every second-round series

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

The best RBs for 2024 fantasy football according to our analysts

Edmunds bought a Fisker Ocean, warns others not to make the same mistake

NFL Draft fashion: Caleb Williams, Malik Nabers dressed to impress, but Marvin Harrison Jr.'s medallion stole the show

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race