Breach detection firm Mandiant: Attackers Exploited Heartbleed bug one day after its disclosure. Attacker posing as an authorized user tunneled into computer system of a major corporation, firm says. Canadian authorities arrested a teenager this week for his alleged role in exploiting the vulnerability. Attack bypassed multi-factor authentication as well as the VPN client software used to validate that systems connecting to the VPN are owned by the corporation and running specific security software. The breach detection firm declined to identify the breached corporation.”]
Source: https://www.cuinfosecurity.com/mandiant-heartbleed-leads-to-attack-a-6766