Sunday, December 17, 2017
News Roundup

Passwords vulnerable after security flaw found

NEW YORK — Passwords, credit cards and other sensitive data are at risk after security researchers discovered a problem with an encryption technology used to securely transmit email, e-commerce transactions, social networking posts and other Web traffic.

Security researchers say the threat, known as Heartbleed, is serious, partly because it remained undiscovered for more two years. Attackers can exploit the vulnerability without leaving any trace, so anything sent during that time has potentially been compromised. It's not known, though, whether anyone has actually used it to conduct an attack.

Researchers are advising people to change all of their passwords.

"I would change every password everywhere because it's possible something was sniffed out," said Wolfgang Kandek, chief technology officer for Qualys, a maker of security-analysis software.

The flaw was found independently in recent days by researchers at Google and the Finnish security firm Codenomicon.

The breach involves SSL/TLS, an encryption technology marked by the small, closed padlock and "https:" on Web browsers to signify that traffic is secure. With the Heartbleed flaw, traffic was subject to snooping even if the padlock had been closed.

The problem affects only the variant of SSL/TLS known as OpenSSL, but that happens to be one of the most common on the Internet.

Researchers at Codenomicon say that OpenSSL is used by two of the most widely used Web server software, Apache and nginx. That means many websites potentially have this security flaw. OpenSSL is also used to secure email, chats and virtual private networks, which are used by employees to connect securely with corporate networks.

Despite the worries, Codenomicon said many large consumer sites don't have the problem because of their "conservative choice" of equipment and software. "Ironically smaller and more progressive services or those who have upgraded to (the) latest and best encryption will be affected most," the security firm added.

A fix came out Monday, but affected websites and service providers must install the update.

Many organizations were heeding the warning. Companies like Lastpass, the password manager, and Tumblr, the social network owned by Yahoo, said they had issued fixes and warned users to immediately swap out their usernames and passwords.

Comments
Bucs-Falcons: Things to watch in Monday’s 8:30 p.m. game

Bucs-Falcons: Things to watch in Monday’s 8:30 p.m. game

TAMPA — The Bucs and Falcons have each won three straight games on Monday nights as they face each other on a national platform tonight at Raymond James Stadium.How can Tampa Bay continue its streak and stop Atlanta’s? It won’t be easy, but given the...
Updated: 1 hour ago

Bitcoin futures begin trading on CME, price little changed

NEW YORK — Another security based on the price of bitcoin, the digital currency that has soared in value and volatility this year, began trading on the Chicago Mercantile Exchange on Sunday. The CME Group, which owns the exchange, opened up bitcoin f...
Updated: 1 hour ago

Woman shot and killed in apparent drive-by shooting in Clearwater

CLEARWATER — A woman was shot to death Sunday night in an apparent drive-by shooting, according to Clearwater police.Authorities said they received an initial call at 8:19 p.m. originating from 800 Belleair Road. The shooting is believed to have occu...
Updated: 1 hour ago
Bucs fans call for Jon Gruden — why was he fired to begin with?

Bucs fans call for Jon Gruden — why was he fired to begin with?

TAMPA — The beers and the "love ya, bros" were flowing Saturday night at the Hooters in Tampa. Jon Gruden, who will be inducted into the Bucs Ring of Honor at halftime of tonight’s home game against the Falcons, worked the room, greeting family, frie...
Updated: 1 hour ago
Fennelly: Jon Gruden was one hard-working bro

Fennelly: Jon Gruden was one hard-working bro

TAMPA — It’s ridiculous that it took this long to give Jon Gruden a night all his own, given the nights he gave Bucs fans. But it will happen this evening at Raymond James Stadium, a salute to the thermonuclear source of that Super Bowl season, that ...
Updated: 2 hours ago
Massachusetts rolls 100-foot-long joint; McCain likely to miss tax bill vote; Cherokee Nation’s fear of losing heritage drives opioid lawsuit; more in U.S. news

Massachusetts rolls 100-foot-long joint; McCain likely to miss tax bill vote; Cherokee Nation’s fear of losing heritage drives opioid lawsuit; more in U.S. news

Massachusetts Rolling a fat one — 100 feet longMarijuana aficionados have rolled a 100-foot-long joint. The effort was led by Boston-based cannabis club and advocacy group Beantown Greentown during an exhibition of pro-marijuana vendors and supporter...
Updated: 3 hours ago
Trump says he isn’t considering firing Mueller

Trump says he isn’t considering firing Mueller

WASHINGTON — President Donald Trump said Sunday that he is not considering firing special counsel Robert Mueller even as his administration was again forced to grapple with the growing Russia inquiry that has shadowed the White House for much of his ...
Updated: 3 hours ago
Friendly competition

Friendly competition

 
Updated: 3 hours ago
Sudden power outage brings Atlanta airport to a standstill; expected to be restored by midnight

Sudden power outage brings Atlanta airport to a standstill; expected to be restored by midnight

ATLANTA — A sudden power outage brought the world’s busiest airport to a standstill Sunday, grounding scores of flights in Atlanta just days before the start of the Christmas travel rush. However, authorities said that electricity should be restored ...
Updated: 4 hours ago

More than 300 cruise passengers fall ill with stomach virus

PORT EVERGLADES — More than 300 passengers on a cruise ship that docked at Port Everglades fell ill with a stomach virus. The Naples Daily News reported that the Royal Caribbean Cruises Limited’s ship Independence docked Saturday in Florida reported ...
Updated: 4 hours ago