Everything you need to know about the OpenSSL Heartbleed bug, including tools to test for the vulnerability, Snort signatures to detect attacks, and patches can be found at http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/.
F5′s LTM is unaffected so long as you are using the Native/Default ciphers on their Cavium card – http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html.
Make sure that you obtain new SSL certificates from your CA if you have been affected by this attack and remember you must restart all services which use OpenSSL libraries for the patch to take effect.
Contact us if you would like to discuss how to prepare for future crypto/memory attacks. There will be more of these events in the news because the tools to identify security weaknesses in memory have evolved to make the task of finding attack vectors less time consuming - https://code.google.com/p/volatility/.
2014 finds us in our third year of business at DR Data Security. We’re very excited about the direction IT security practices are heading this year. With high profile security breaches in the press to kick off the year, like Target, you can bet that IT security is in the front of C-level minds.
Cloud-based security solutions are maturing, and emphasis is being placed on having greater visibility into user activity within cloud applications. Products like Netskope are making strides in cloud-based monitoring, augmenting and someday possibly eliminating the need for SIEM. Also worth keeping an eye on in 2014 is the Vormetric Data Firewall for AWS and ThousandEyes, a cloud-based performance monitoring solution. PCI 3.0 being in effect will be a strong driver for many organizations to consider these emerging security technologies.
How can we help with your cloud security challenges?
Owner & Principal Consultant
DR Data Security, LLC