The little SSL engine that couldn't

Hi and welcome to another Security weekly. Where we laugh, we cry and share the latest and greatest in security and tech news.Did you know? Competitive art used to be an Olympic sport. I also recently found out about the world championship Excel. It's a wonder we haven't gone extinct.

In this week's edition:

💓 A heartfelt message from yours truly🚂 The little SSL engine that couldn't🔥 the quick and dirty

Reading time: 02:46

A heartfelt message from yours truly

The time of giving is almost upon us.Mariah Carey is awakened from her slumber to bring joy and horror to the world, once more.

And that, my friends, is why I want to use this first segment to make an appeal.This newsletter is still fairly new but already I've had a lot of positive feedback. I've seen my webpage views grows significantly every week and my LinkedIn impressions reach four digits.For that, I am grateful.Who would've thought people actually liked to read my rants, laugh at my low quality memes? (and probably wonder when the actual fuck the next Security Like I'm Five segment is going to be released?)Well I did. *cocky*BUTFor this to continue I'm going to shift to newsletter-through-mail more, and that is why I need to convert those impressions and likes into subscribers.I could spend some of my hard earned money on a Linkedin/Facebook marketing campaing but I chose to spend it differently.I've withdrawn all money on my bankaccounts (honey if you're reading this, I'll get it back, I swear) and bought a promotional meme from NO LESS THAN BERNIE SANDERS!

So, while I figure out a way to convince my wife not to leave me for spending our savings on Bernie Sanders, AND if you like what I have to say - click the button below and subscribe.The content is only going to get better, I promise.

The little SSL engine that couldn't.

I was this close to telling my team we weren't gonna get any rest this weekend.

Damn, that's close yo.

But we were lucky. So lucky.So, what happend top dog? Glad you asked. Here's a quick rundown:

• On October 25st the team from OPENSSL informed the world they were bringing out version 3.7. This to fix a critical bug in the software.

Hol up top dog, what is OPENSSL?

• On October 31st OpenSSL released 2 security advisory's, CVE-2022-3602 and CVE-2022-3786. With critical rating.

• With OpenSSL being so widespread, this could have been a potential disaster. Security advisory's rated as critical are to be patched immediately.

• On november 1st version 3.7 was released, and the severity was downscaled from Critical to High. After further research only 1,5% of all the OpenSSL endpoints available online were found to be vulnerable. And there were no active exploits found.

So for now it seems that the crisis was averted.

That doesn't mean you shouldn't patch this though.Be sure to check out this link and see if any software you or your company uses is on there.

The quick and dirty

• The Most Vulnerable Place on the Internet - why would you post this? It's like you WANT to be cut off.

• Google puts an end to Google Hangouts once and for all - With Elon buying Twitter, who knows if this is the right time to bring back Google+

• How to delete your email and phone number from Facebook - especially handy if you don't even have an account (anymore)

• Meme of the week

Security like I'm five

Don't have time for hours of research? Don't have 20 years of experience in security? Me neither, but I gotchu fam.In Security like I'm five I cover a range of security topics. I do all the hard work, and explain it to you in a practical matter. Lot's of meme's too. Good stuff, good stuff.This and Security weekly conveniently delivered to your mailbox a couple of times a week, for free.Pretty sweet deal if you ask me.

So sign up for the newsletter and be enlightened! (don't set the bar too high tho)