Alert! Heartblead Bug Threat Level Very High – Change Your Passwords! | COMPUTECH

Computer Repair, Laptop Repair, Networking Services, Data Backup Services and More!

   
     Call Us (208) 525-5139
465 May St. Idaho Falls, ID

Tap To Call

Alert! Heartblead Bug Threat Level Very High – Change Your Passwords!

Change Your Passwords Immediately!

heartbleed

heartbleed is a ridiculously scary vulnerability in OpenSSL crypto library used by servers all over the world. The bug allows an attacker to steal highly sensitive data as if there was no SSL/TLS security at all.  All varieties of data applications are vulnerable in this instance including, web, instant messenger, mobile, email, VPN’s and even your e-mail.

When you visit a website and you see that the URL in your browser starts with an HTTPS it indicates SSL is being used to secure your connection.  Now not all sites utilizing SSL are vulnerable. Just those using the extremely popular OpenSSL library versions 1.0.1 through 1.0.1f.

The scariest part about all this is that it affects nearly every major server to some degree. Even windows servers running IIS have load balancing servers, mail servers and all sorts of other support servers that likely use OpenSSL.

[headline style=”3″ color=”red” tag=”h1″]Bottom line is that everyone should be changing their passwords today, and not just for vulnerable sites. [/headline]

The truly scary part is if the server in question has been infiltrated prior to upgrading to the latest secure version of OpenSSL. In order to be certain your customer data is secure you need to upgrade then reissue your SSL certificate. This is very costly and is a step that many webmasters, especially of smaller websites will likely skip.

You can view a fuller list of sites and if they have been patched or not here at Cnet

Even worse this hack is not hard to deploy! A popular security auditing tool called metasploit  has the heartbleed exploit alread available for download and use for good and bad intentions. What does this mean? It means that the 15 year old kid down the street that thinks he is a hacker can steal your sensitive information.

Watch the video below to learn more about how heartbleed works.

Heartbleed & SSL Trust

Short List Of Popular Webites Vulnerable as of 4/9/2014

Testing yahoo.com… vulnerable.
Testing imgur.com… vulnerable.
Testing stackoverflow.com… vulnerable.   <— popular security website!
Testing flickr.com… vulnerable.
Testing adf.ly… vulnerable.
Testing outbrain.com… vulnerable.
Testing archive.org… vulnerable.
Testing php.net… vulnerable.
Testing steamcommunity.com… vulnerable.
Testing duckduckgo.com… vulnerable.
Testing entrepreneur.com… vulnerable.
Testing zoho.com… vulnerable.
Testing usmagazine.com… vulnerable.
Testing fool.com… vulnerable.
Testing digitalpoint.com… vulnerable.
Testing squidoo.com… vulnerable.
Testing cheezburger.com… vulnerable.
Testing weather.gov… vulnerable.
Testing city-data.com… vulnerable.
Testing mail.com… vulnerable.
Testing rollingstone.com… vulnerable.
Testing fatwallet.com… vulnerable.
Testing inc.com… vulnerable.
Testing searchenginejournal.com… vulnerable.
Testing arstechnica.com… vulnerable.
Testing economist.com… vulnerable.
Testing androidcentral.com… vulnerable.
Testing kaspersky.com… vulnerable.  <— popular antivirus company!
Testing bizrate.com… vulnerable.
Testing creativecommons.org… vulnerable.
Testing skrill.com… vulnerable.
Testing bidorbuy.co.za… vulnerable.
Testing wikispaces.com… vulnerable.

Comments are closed.

Wordpress SEO Plugin by SEOPressor