Heart bleed is the latest Cybersecurity Scare.
This week a vulnerability in OpenSSL was announced. OpenSSL is the open source library that many computers use to encrypt data across the internet.
The vulnerability also known as heartbleed ( CVE-2014-0160) allows an attacker to gain valuable information such as usernames, passwords and financial information directly from the vulnerable web server’s memory.
How does this affect the average internet user? Many popular websites, and online cloud applications use OpenSSL.
Fortunately, there is a fix out there; however, we don’t know who has fixed what and when. Since we don’t know which servers out there have been patched yet, it’s a good idea to play it safe and start changing your passwords now and then change them again soon in case the patches were implemented after your first password change.
This is a serious matter and if you haven’t been practicing good password security, this is a perfect time to start. If you are looking for more information regarding this vulnerability, just do a search on your favorite search engine for heartbleed and there will be numerous articles to read.
Best,
Robert Galloway, Security+
