Major Internet Vulnerabilities of 2014
There have been 3 major vulnerabilities over the past year.
>> Heartbleed (Dubbed Heartbleed, this dangerous OpenSSL bug allows an attacker to access information from a client or server’s memory.)
>> Shellshock (Once exploited, this vulnerability allows attackers to completely take over the server, enabling them to steal files, delete information, download malware and execute DDoS attacks.)
>> POODLE (An exploit design flaw in SSL 3.0, attackers convince the browser to downgrade to SSL 3.0 (i.e., fallback option).They then exploit SSL 3.0 weaknesses to decrypt and extract sensitive data from the stream (e.g., email addresses, passwords, credit card data from an e-commerce site).