Post Updated 9/30/2014
Several months ago, the Internet was put to a halt when the Heartbleed vulnerability was disclosed. Webservers, devices, and essentially anything running SSL were affected; as a result, attackers were able to collect passwords, free of charge.
With Heartbleed, the exploit made a splash and many attackers started to use the vulnerability. One of the more high-profile attacks of Heartbleed was the CHS attack, where the attackers siphoned 4.5 million patient records by attacking a Juniper device, then hopping onto their VPN.
So how can something be bigger than Heartbleed? I’m glad you asked.
PhishMe Senior Researcher Ronnie Tokazowski discusses the recent Bashbug vulnerability in this Dark Reading article.
SC magazine discusses recent research from PhishMe that examined phishing emails with malicious PDF attachments.
PhishMe’s Scott Greaux provides advice for organizations looking to establish a security behavior management programs.