The OpenSSL project team has released patches for two vulnerabilities in the popular cryptography library.
Two versions of the OpenSSL software are scheduled to receive updates to patch a pair of vulnerabilities this week, including one tagged as 'high-severity.'
At least in theory, DevOps should help improve security for most businesses but some of the tools that DevOps workers use are actually opening up new security holes, experts speaking at RSA in San Francisco said this week.
A major new security vulnerability that affects the Bash shell has been touted as being the most dangerous threat to Internet security ever.
Now that the dangers of an insecure session-layer security library are crystal clear to the world, Intel is one of the companies contributing improvements to its open source version.
The fact that there's a security advisory at all tells us someone actually does care about the encryption library.
The top news stories for May 22, 2014.
Two of ZDNet's finest examine the question of whether the Heartbleed bug happened on account of open source.
A publicity site produced by a college student touting his latest discovery succeeds in making waves, though the hubbub might have been avoided had he just used Google.
In the wake of the Heartbleed bug, The Linux Foundation has announced that 12 leading tech companies have each pledged $100,000 per year over the next three years to fund open source projects aimed at improving open source software.