Computerworld

Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol

The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed ...
Dark Reading

Tech Insight: Debian Linux Flaw Threatens SSL Encryption

Ten days ago, a Debian Security Advisory (DSA-1571-1) was released that detailed a flaw in the OpenSSL cryptographic libraries that affects both Debian and other Linux distributions derived from ...
Threat Post

Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug

An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the ...