Download as PDF, PPTX
Uploaded byBlue Coat
What is Heartbleed?
The document discusses the Heartbleed vulnerability (CVE-2014-0160) in OpenSSL software, which allowed attackers to access sensitive data from servers without detection. Discovered by Neel Mehta and his team in 2014, this bug was present for two years and exploited the heartbeat protocol error that caused servers to expose more data than intended. Major websites like Facebook and Google were affected, leading to significant security concerns.
![[QA Night Recife] Heartbleed SecInf](https://cdn.slidesharecdn.com/ss_thumbnails/qanight-heartbleedsecinf-150514030345-lva1-app6891-thumbnail.jpg?width=640&height=640&fit=bounds)
What is Heartbleed?
- 1.
- 2.
- 3. PASS IT ON Clickthis button to share information on each slide.
- 4. CVE-2014-0160 Official designation is CVE(Common Vulnerabilities and Exposures) a vulnerability that exists in the OpenSSL security software, which is used to create secure connections. HEARTBLEED VIEW THE INFOGRAPHIC
- 5. This vulnerability existedfor 2 years before it was caught! VIEW THE INFOGRAPHIC
- 6. 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 01001010101010010110010101001111100100100101000101 Version 1.0.1 ofOpenSSL introduced the vulnerability known as heartbleed, and was released on March 14, 2012. Heartbleed was discovered by Neel Mehta, an engineer at Google Security, and a team of security engineers (Riku, Antti and Matti) at Finnish security firm, Codenomicon. !!! VIEW THE INFOGRAPHIC
- 7. A computer thatis on a secure connection to a server will send out a request to confirm that the connection is still active. The server takes that request and stores the data. Then it returns that same packet of data. This secure connection (SSL/TSL), is called a “heartbeat.” It includes two things: a payload, and padding. HOW IT WORKS
- 8. VIEW THE INFOGRAPHIC THISIS WHERE THE BLEEDING HAPPENS Servers using the protocol do not check to confirm that the packet of data actually matches the size indicated.
- 9. So, for example,if a heartbeat was sent with a single byte of data, and claimed to have 30 bytes of data. Rather than confirm that the data was only 1 byte, the server would grab not only that, but the next 29 bytes from memory as well and send it back the user. VIEW THE INFOGRAPHIC 1 byte (30 bytes) (30 bytes)
- 10. VIEW THE INFOGRAPHIC Imaginewhat could be in those extra 29 bytes? No data is safe! Passwords Addresses Full Names Credit Card NumbersEncryption Keys *** Social Security Numbers
- 11. VIEW THE INFOGRAPHIC Notonly that, A malicious user could make as many heartbeat requests as they’d like. With NO TRACE being left behind.
- 12. Including heavily traffickedwebsites such as: Facebook, Google, YouTube and Wikipedia. VIEW THE INFOGRAPHIC are using the vulnerable heartbeat extension. About 500,000 sites
- 13. By automatically detecting,blocking and logging attempted Heartbleed attacks, Blue Coat’s SSL Visibility Appliance provides enterprises with the security assurance they require. PROTECT & PREVENT START NOW
- 14. Brought to youby: VIEW THE INFOGRAPHIC SOURCES: http://heartbleed.com http://vimeo.com/91425662 http://www.pewinternet.org/2014/04/30/heartbleeds-impact/ http://readwrite.com/2014/04/13/heartbleed-security-codenomicon-discovery#awesm=~oE3W6PSiCIxWOz http://www.digitaltrends.com/mobile/heartbleed-bug-apps-affected-list/#!MOLoi