{"id":74249,"date":"2015-01-13T18:46:46","date_gmt":"2015-01-13T23:46:46","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2021-08-24T14:50:50","modified_gmt":"2021-08-24T18:50:50","slug":"2014s-major-web-vulnerabilities","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/2014s-major-web-vulnerabilities\/","title":{"rendered":"2014’s Major Web Vulnerabilities"},"content":{"rendered":"

\"2014's<\/a>2014<\/strong> was the year of cyber-security\u00a0mega-vulnerabilities<\/strong>. What makes mega vulnerabilities unique are they strike at the core of the Internet<\/strong> infrastructure and can impact nearly every connected device and every Internet user on the globe. 2014 saw the emergence of three mega-vulnerabilities Hearbleed<\/strong>, Shellshock,<\/strong> and POODLE<\/strong>.<\/p>\n

\"\"<\/a>Heartbleed<\/a>, Shellshock<\/a>, and POODLE<\/a> were the top three major web vulnerabilities uncovered in 2014 according<\/a> to Fred Donovan<\/a> at\u00a0FierceITSecurity<\/a>.<\/em>\u00a0In case you have not heard of this trio of troublemakers, Web security firm Incapsula<\/a> produced the following infographic.<\/p>\n

The Incapsula infographic looks at each of these vulnerabilities<\/strong> and layout when they were discovered, what type of vulnerability they are, what systems and the number that are affected, the risks posed by the vulnerabilities, their severity, how easy they are to exploit, and the difficulty of fixing. Tim Matthews<\/a>, vice president of marketing for Incapsula wrote in their blog<\/a>:<\/p>\n

What makes these mega vulnerabilities special is that unlike most vulnerabilities that are specific to a particular OS<\/a>, browser or software application, these three relate to the core Internet infrastructure (e.g., SSL<\/a> and Linux devices<\/a>) and, in essence, affect just about every connected device owner and every Internet user on the globe.<\/em><\/p>\n

\"Incapsula<\/a><\/p>\n

rb-<\/em><\/strong><\/p>\n

In their blog, Incapsula warns this is the tip of the iceberg of mega-vuln<\/a>‘s that exploit other structural core functions of the Intertubes. Wired<\/a> reports that after 8 months, 300,000 machines remain unpatched against Heartbleed.<\/em><\/p>\n

Related articles<\/h6>\n