This presentation will outline some new research related to the Heartbleed vulnerability, and cover the full technical details of the threat, with a live demo. Along with it will show how Heartbleed is detected on networked device, and some new research of the full time line of the vulnerability, including details of insider trading. A key focus will be on how software coding problems, and the lack of testing, have caused many of the current problems, especially around cross-site scripting, and will highlight the strange mystery around TrueCrypt and in the recent SQL injection attack by Russian hackers who stolen over 1.2 billion usernames and passwords.
Buchanan, W. J. (2014, September). Complete anatomy of Heartbleed, Truecrypt and large-scale vulnerabilities. Paper presented at 7th International Conference on Security of Information and Networks (SIN 2014)