Bleeding Hell! Bug ‘HeartBleeds’ User Details, Resarchers Warn

X

Software bug could bleed users personal infoA long standing Open SSL bug, called Heartbleed, has been uncovered, which could expose user’s private data to online hackers.  

The software vulnerability affects the way most websites and online services secure your communication, allowing hackers to “heartbleed” your personal info. 
An attacker can ‘heartbleed’ to read the memory of systems protected by OpenSSL. This exposes the secret keys used to encrypt traffic, names and passwords. 
The bug opens the door for attackers to eavesdrop on web communications, steal data directly from websites or users, say researchers. It could even allow hackers impersonate a user.
Websites using OpenSSL have a small padlock icon in the browser address bar or the ‘s’ added to the ‘http’ prefix, are being targeted using this vulnerability. 
Researchers claim to have found all sorts of stuff, including usernames, passwords, server encryption keys, and more, while ‘heartbleeding.” 
Around two-thirds of websites and many other services currently use affected versions of OpenSSL (Open Secure Socket Layer),” warns Australian Government Stay Smart Online website.  
Yahoo had been hit by the bug which is now fixed. Other companies should also be updating their OpenSSL and renewing certificates to address the issue.
Should you change your password?
Perhaps not, says Security expert, Paul Ducklin from Sophos Labs. 
“There is one important reason why you might not want to rush out and change all your passwords on all your services right this minute, and it’s a sort-of Catch-22. If you need to change your password on a server that is at risk due to heartbleed, then the new password you choose may be at risk due to heartbleed.
There are a lot more people ready to heartbleed your new password right now than there were a week ago, he says. 
“We suggest you wait until you know that a site is not vulnerable, for example because it makes a clear statement to that effect, or use a public testing service that connects to a website to estimate whether it’s safe or not first.” 
What can you do?
According to the Stay Safe Online website: 
Each website or service needs to be fixed by its administrator and users should contact a website or service provider and ask them if the issue has been addressed.
Once this is done, you should also consider changing your password for any accounts you have on affected sites -particularly if they relate to sensitive, personal or financial information.
Affected websites may begin to notify users to change passwords, but there is no guarantee websites will do this.
If you are a business who operates a website, you should be taking steps to address this issue.
Top Gun Channel News Banner 1 728x90 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
Uniden PRO 728 x 90 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
4Square clarity ad 1 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
1 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
gtv r3 728x90 px Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
Leaderboard 728x90 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
LB 728x90px Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
thumbnail G415 SmartHouse 728x60 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
593756 au cs co re fy22q4w4 sit aw ark m15 r6 leaderboard 728x90 iif R1 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn
2 1 Bleeding Hell! Bug HeartBleeds User Details, Resarchers Warn


YOU MAY ALSO LIKE