Threat Post

OpenSSL Patches Critical Certificate Validation Vulnerability

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
Ars Technica

OpenSSL fixes high-severity flaw that allows hackers to crash servers

OpenSSL, the most widely used software library for implementing website and email encryption, has patched a high-severity vulnerability that makes it easy for hackers to completely shut down huge ...
Ars Technica

OpenSSL Certificate help

I'm trying to generate a certificate (using the openssl command line tool) that can't actually DO anything - can't sign, can't encrypt. Is this possible? It seems like the purpose of the certificate ...
Daily Mail

Heartbleed was an accident: Developer confesses to causing coding error and admits its effect is 'clearly severe'

German developer Dr Robin Seggelmann admitted he wrote the code It was then reviewed by other members and added to OpenSSL software This addition led to the Heartbleed flaw in the open-source program ...
Network World

How to hack the certificate for a Cisco Identity Services Engine node

I just got back from a few weeks traveling around Europe, presenting at Cisco Live Europe, and meeting with customers and partners. It is obvious that this blog is very much needed for a lot of the ...