Researchers have observed a sophisticated hacking groups that perform automatic scanning on the Internet to search for Web servers or computer systems that run the Internet password program known as OpenSSL , which makes them vulnerable to data theft , including keywords , secret communications and credit card numbers .
OpenSSL uses about two- thirds of the web server , but the problem was not detected for about two years .
Kurt Baumgartner , a researcher at security software maker Kaspersky Lab , said his company found evidence Monday ( 7/4 ) that several groups of hackers are believed to be involved in cyber espionage have state -sponsored run the scan shortly after news of the virus appears on the same .
On Tuesday , Kaspersky has identified a scanning - scanning that come from dozens of actors , and the number is rising Wednesday after the software security company Rapid7 launched a free tool to do the scanning .
OpenSSL software used on the server that stores the page but not on the computer table or mobile appliance moves , so even though it's a virus or a keyword uncover passwords and other data included in the tool for hackers , it must be addressed by the operator page.
" Nothing can be done to fix their computer users , " said Mikko Hypponen , head of research at software company F - Secure .
The security researcher who discovered the threat is mainly concerned about the reappearance because it was not detected for more than two years . They fear there is the possibility of computer hackers has been secretly exploit the issue before it was discovered . Although there is no possibility of taking advantage of this deficiency before the existence of the virus was announced Monday night .
Although there is now a way to close the security gap , there are many reasons for concern , according to David Chartier , CEO of Codenomicon . "I thought there was no one who has used this technology in a position to definitively say they are not bothered , " he said .
No comments:
Post a Comment