http://www.theage.com.au/it-pro/security-it/hackers-from-china-waste-little-time-in-exploiting-heartbleed-20140416-zqvkd.html
By Jordan Robertson
The Age - ITPro
April 16, 2014
For those who don't feel the urgency to install the latest security fixes
for their computers or change passwords, take note: Just a day after
Heartbleed was revealed, attacks from a computer in China were launched.
The software bug, which affects a widely used form of encryption called
OpenSSL, was announced to the world on Tuesday, April 8 at 3:27am Sydney
time, according to a timeline pieced together by Fairfax Media. That sent
companies scrambling to fix their computer systems - and for good reason.
At 10.00 am on Wednesday, a computer in China that was previously used for
hacking and other malicious activities tried to attack a server at the
University of Michigan, said J. Alex Halderman, an assistant professor of
electrical engineering and computer science. The university's computer was
a "honeypot", which was intentionally left vulnerable and designed to
attract attacks so researchers could study them.
The hackers' fast turnaround highlights how quickly the digital underworld
is in taking advantage of newly disclosed software vulnerabilities. So
far, 41 attempts to exploit the Heartbleed hole have been made on three
honeypots operated by Halderman and his research team. About half have
come from China. The attacks could include some attempts by other
researchers trying to assess the impact of the bug.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
