Rush to defend against Heartbleed leads to mistakes with certificates, patches
Some reissued SSL certificates use the same vulnerable key as the ones they replace, and some sites moved to a vulnerable version of OpenSSL
Some reissued SSL certificates use the same vulnerable key as the ones they replace, and some sites moved to a vulnerable version of OpenSSL
The new browser plug-in can identify Web sites that maybe vulnerable to the OpenSSL bug
The attackers sought credentials and other personal information through a phishing scheme, researchers said
The certificates could be used to launch man-in-the-middle attacks against desktop and mobile apps with poor certificate validation
Spoofed emails posed as CloudFlare alerts about account limits being exceeded
'Apache Killer' circulates in the wild, say project devs, who promise a patch in 48 hours
What comes next?