A New Security Heart Attack: Heartbleed

Posted by Tobias Eichenseer Mon, 14 Apr 2014 11:33:00 GMT

Like Cryptolocker, a new security culprit has been unleashed on the Internet. The Heartbleed bug is a vulnerability within the popular OpenSSL technology that allows hackers to easily steal a service’s encryption keys, thereby allowing them to steal other sensitive information including passwords and credit card numbers. This new bug was discovered by a team of security engineers at tech company Codenomicon and Neel Mehta of Google Security.

Fortunately, a fix has already been created. However, the onus is on the service provider to adopt the fix before they can be secure from hackers.

So what can you do to immediately protect your data?

Security researchers advise Internet users to first make sure that service providers have fixed the bug on their server—a new password for a service that has not installed the fix can easily be stolen. Then, change the passwords to all of your services, especially for sites that contain sensitive information like e-mail accounts and banking accounts.

Security researchers also recommend that users use highly secure passwords. Check out our previous blog, “The Importance of a Strong Password” for password strength suggestions.

no comments |

You must be registered in order to write comments. To register as a new user click here.

If you're already registered, please leave a comment here

Leave a comment