When you see so many vulnerabilities being reported and so many security-related issues being exploited, you may think to yourself “I’m lucky not to be using that package or software, I’m not vulnerable to this”.
HeartBleed… kind of sounds like a love song from the 1970s. It’s not. HeartBleed is a serious vulnerability (CVE-2014-0160) affecting the OpenSSL shared library. It’s been around since 2014, but unlike the oldies you hear once in a while on the radio, this cyber weakness is very much with us today. NTT’s 2020 Global Threat Intelligence Report reveals that HeartBleed helps make OpenSSL the second most targeted software technology in the world—accounting for 19% of hostile activity globally.
To help administrators manage hundreds of servers with open-source libraries, KernelCare released UChecker – a scanner that checks network Linux servers and detects out-of-date libraries both on disk and in memory. KernelCare’s open-source scanner will find false negatives by correctly reporting vulnerable libraries running in memory that could be reported as updated by other scanners.