Apr 9, 2014

Serious zero day SSL vulnerability: Heartbleed

An OpenSSL bug called "Heartbleed" is affecting a large percentage of the Internet, which means that a password change is strongly suggested for the hundreds of millions of people who use websites like GitHub, Tumblr, Yahoo, Google, and many others.

Over 500K websites that use OpenSSL, a security system, are now vulnerable. Say you and your bank connect securely and send data. The two sides send pings, or "heartbeats," to show that the connection is still active. The vulnerability lets hackers connect and send malicious heartbeats that make the computer send data back to the hacker, which gives the hacker access to immense amounts of data.
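An added example, not part of the original post: per RFC 6520 a heartbeat message states its own payload length, and Heartbleed came from OpenSSL trusting that number instead of checking it against what actually arrived. This defender-side check flags heartbeat records whose claimed length does not fit; the function names and sample bytes are constructed here, and it assumes the heartbeat is visible unencrypted to the monitor.

```python
import struct

HEARTBEAT = 24     # TLS record content type for heartbeat (RFC 6520)
MIN_PADDING = 16   # RFC 6520 requires at least 16 bytes of padding

def tls_records(stream: bytes):
    """Yield (content_type, fragment) for each complete TLS record."""
    offset = 0
    while offset + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        fragment = stream[offset + 5 : offset + 5 + length]
        if len(fragment) < length:
            break  # truncated capture: stop rather than guess
        yield ctype, fragment
        offset += 5 + length

def check_heartbeat(fragment: bytes) -> str:
    """Apply the RFC 6520 length rule to one plaintext heartbeat message."""
    if len(fragment) < 3:
        return "malformed"
    _msg_type, claimed = struct.unpack_from("!BH", fragment)
    # type (1) + length (2) + claimed payload + padding must fit the record
    if 3 + claimed + MIN_PADDING > len(fragment):
        return "length-mismatch"
    return "ok"

def scan(stream: bytes):
    """Return one verdict per heartbeat record; other record types are skipped."""
    return [check_heartbeat(f) for t, f in tls_records(stream) if t == HEARTBEAT]

def make_record(claimed: int, payload: bytes) -> bytes:
    """Build a constructed heartbeat record for the sample below (assumption)."""
    body = struct.pack("!BH", 1, claimed) + payload + bytes(MIN_PADDING)
    return struct.pack("!BHH", HEARTBEAT, 0x0302, len(body)) + body

# Constructed sample: application data, an honest heartbeat, then one that
# claims 16384 bytes of payload while carrying none.
SAMPLE = (struct.pack("!BHH", 23, 0x0302, 2) + b"hi"
          + make_record(4, b"ping")
          + make_record(16384, b""))

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A patched server silently discards any message that gets the "length-mismatch" verdict, which is the behaviour RFC 6520 requires.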

ABC News reports:
  • A Google spokesperson said in an emailed statement, “The security of our users' information is a top priority. We proactively look for vulnerabilities and encourage others to report them precisely so that we are able to fix them before they are exploited. We have assessed the SSL vulnerability and applied patches to key Google services.” They later added to their statement saying that, "The security of our users' information is a top priority. We fixed this bug early and Google users do not need to change their passwords." Google also posted a blog today detailing the fix for the bug and pointing out that Android users are not vulnerable.

More on the Heartbleed bug will be posted when new details arise. For now, change all of your passwords and don't log in to major sites, such as banking, email, and social networking.

Remember, I took the risk to get this out to the public, so the least you could do is subscribe, like, comment, and enjoy! Now to change my codes...
