Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

More than half of all OpenSSL remain vulnerable to Heartbleed: Cisco

Brian Karlovsky | Jan. 22, 2015
More than half of all OpenSSL versions still remain vulnerable to the Heartbleed bug, according to the Cisco 2015 annual the security report.

"We once worried about IP theft, now we worry about critical services failure.

"Our adversaries are increasingly proficient, exploit our weaknesses and hide their attacks in plain sight.

He said security must provide protection across the full attack continuum and technology must be bought, designed and built with that in mind.

"Online services must be run with resiliency in mind, and all of these moves must happen now to tip the scales and protect our future," he said.

"It requires leadership, cooperation, and accountability like never seen before in our industry."

Cisco principal engineer, Jason Brvenik, said attackers had become more proficient at taking advantage of security gaps.

"We observed that 56 per cent of all OpenSSL versions still remain vulnerable to Heartbleed and that major attacks are only leveraging one per cent of high-urgency vulnerabilities at any given time," he said.

"Despite this, we see less than half of the security teams surveyed using standard tools like patching and configuration management to help prevent security breaches.

"Even with leading security technology, excellence in process is required to protect organisations and users from increasingly sophisticated attacks and campaigns."


Previous Page  1  2 

Sign up for Computerworld eNewsletters.