A targeted attack against an unnamed organization exploited the Heartbleed OpenSSL vulnerability to hijack web sessions conducted over a virtual private network connection.

Incident response and forensics firm Mandiant shared some details on a recent investigation of an incident that began April 8, one day after Heartbleed was publicly disclosed. Mandiant said the attackers exploited the security vulnerability in OpenSSL running in the client

The link for this article located at ThreatPost is no longer available.