2014: Year of the New 'Old' Bugs

Infographic Shows Length of Time Exploits Went Undetected Jeffrey Roman (gen_sec) • December 16, 2014

2014: Year of the New 'Old' Bugs

This past year saw the revelation of three massive security bugs - Heartbleed, POODLE and Shellshock - that existed for lengthy periods of time before they were discovered.

See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources

For instance, the Heartbleed vulnerability - which exposes a flaw in OpenSSL, a cryptographic tool that provides communication security and privacy over the Internet - was identified in April, but had existed in the wild since December 2011.

Previous
NIST Revises Guide on Security Controls

Next
Sony's Breach Notification: The Details

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

You might also be interested in …

2022 Unit 42 Ransomware Threat Report

2022 Unit 42 Ransomware Threat Report

57 Tips to Secure Your Organization

57 Tips to Secure Your Organization

2022 Unit 42 Incident Response Report

2022 Unit 42 Incident Response Report

Preparing for New Cybersecurity Reporting Requirements

Preparing for New Cybersecurity Reporting Requirements

OnDemand : Learn the ABCs to the 3 V's of Asset Management

OnDemand : Learn the ABCs to the 3 V's of Asset Management

Independent Tests of Anti-Virus Software

Independent Tests of Anti-Virus Software

Zero Trust Network Access For Dummies®

Zero Trust Network Access For Dummies®

Hybrid Work Drives the Need for ZTNA 2.0

Hybrid Work Drives the Need for ZTNA 2.0

Ten Considerations for Evaluating Zero Trust Network Access Solutions

Ten Considerations for Evaluating Zero Trust Network Access Solutions

Around the Network

What's Inside Washington State's New My Health My Data Act

What's Inside Washington State's New My Health My Data Act

HHS OCR Leader: Agency Is Cracking Down on Website Trackers

HHS OCR Leader: Agency Is Cracking Down on Website Trackers

Why Health Entities Need to Implement NIST Cyber Framework

Why Health Entities Need to Implement NIST Cyber Framework

CyberArk CEO Touts New Browser That Secures Privileged Users

CyberArk CEO Touts New Browser That Secures Privileged Users

Top Privacy Considerations for Website Tracking Tools

Top Privacy Considerations for Website Tracking Tools

HIPAA Considerations for AI Tool Use in Healthcare Research

HIPAA Considerations for AI Tool Use in Healthcare Research

Why Legacy Medical Systems Are a Growing Concern

Why Legacy Medical Systems Are a Growing Concern

Checking Out Security Before Using AI Tools in Healthcare

Checking Out Security Before Using AI Tools in Healthcare

Closing Privacy 'Loopholes' in Reproductive Healthcare Data

Closing Privacy 'Loopholes' in Reproductive Healthcare Data

Efficient Management of Enterprisewide Data Protection

Efficient Management of Enterprisewide Data Protection

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.