Heartbleed, an encryption bug, become one of the biggest security threats the Internet has ever seen.
The security bug has disturbed many well-known services and websites — ones you may utilize consistently, like Facebook, Twitter and Google — and may have silently revealed your sensitive personal information, for example, login names, passwords and credit card numbers.
Heartbleed is a serious vulnerability in the popular OpenSSL cryptographic application collection library by a software security firm known as Codenomicon and a member of Google’s security crew.
It compromises the secret keys that used to recognize the service providers and to encode the activity. Assuming that the vulnerable version of OpenSSL is in use, it can be abused.
Half a million sites are thought to have been affected.
A security patch to fix the bug was already out. Some Companies which were vulnerable to the bug have already up-to-date their servers, including WordPress, Google, Dropbox, Amazon Web Services and Akamai etc, but a lot of websites are still playing catch up.
Although changing your password regularly is always good practice, if a site or service hasn’t yet patched the problem, your information will still be vulnerable.
Beware
You can check by yourself, any website, its vulnerability by using Filippo Heartbleed Checker and LastPass Heartbleed Checker Tools, or you can ask for your company if they have already fixed the flaw. Update your password using upper case, lower case, numbers and symbols, if you found the particular website is not vulnerable.
Tip from Experts
- Do not use the same username and password on the multiple website.
- For banking and email you should have to use different username and passwords.
- Keep an eye on any suspicious activity against your online accounts (banking, webmail) for at least the next week.
- Keey changing your password regularly
Have something to add to this story? Share it in the comments.