New Post has been published on The Rakyat Post
New Post has been published on http://www.therakyatpost.com/news/2014/04/10/heartbleed-may-cause-more-than-just-heart-bleeds/
'Heartbleed' may cause more than just heart bleeds
A new security threat on the web is reportedly able to scrape a server’s memory, where sensitive user data is stored, including private data such as usernames, passwords, and credit card numbers.
According to cnet.com, the bug called “Heartbleed” was a serious issue that could affect up to 500,000 servers.
Meanwhile CNN said “Heartbleed” is a flaw in OpenSSL, an open-source encryption technology that is used by an estimated two-thirds of Web servers.
It is behind many HTTPS sites that collect personal or financial information.
HTTPS sites are typically indicated by a lock icon in the browser which tells users the site is safe and the information they are sending online is hidden from prying eyes.
The bug was discovered by a Google researcher and an independent Finnish security firm called Codenomicon.
The researchers have put up a dedicated site to answer common questions about the bug.
To protect user data and encryption keys, sites must upgrade to the patched version of OpenSSL, revoke compromised SSL certificates and get new ones issued.
Major websites like Google, Facebook, Yahoo and Amazon said they have taken steps to secure their sites.
Some of the steps that can be taken are to update passwords across the various Web pages you use, but only once the site has already taken the proper measures to address “Heartbleed”, or the new password could also be compromised.
Once confirmation is received of a security patch, change passwords of sensitive accounts like banks and email first.
Do not be afraid of reaching out to small businesses that have your data to make sure they are secure and keep a close eye on your financial statements for the next few days.