Heartbleed

Heartbleed

Following the Heartbleed security bug in the OpenSSL Cryptography library, a fixed version of OpenSSL was released on the 7 April 2014.

What is OpenSSL?

Open SSL is an open version of the SSL and TLS protocol that was founded in 1998 to provide a free set of encryption tools code on the internet. It is believed to be used in over 2/3rds of all webservers. It is meant to secure communication between clients and servers so that no eavesdropping or tampering with the data can take place.

What is Heartbleed?

The Heartbleed bug allows anyone on the internet to be able to read the memory of protected systems that use the vulnerable version of OpenSLL.

What leaks if I have this version?

It enables attackers to gain access to privileged information or credentials without a trace. Once credentials or your secret key are exposed any data going to or from your site can be intercepted, decrypted and changed, this means that all your sites usernames and passwords will be visible.

How do I know if my site is at risk?

There are several sites that you can check this yourself, however we highly recommend you call in an expert to assess your entire site. It is not just websites that are affected, your mail server and remote connections may be at risk too.

You can check your site here – https://www.ssllabs.com/ssltest/analyze.html

Alternatively, you can get on with your business and let us take care of it for you.

[note note_color=”3e73b7″ text_color=”1b467e” radius=”6″]Telephone – 07787 127 100
E-Mail- info@opsactive.com
[/note]

Or head over to our Contact us page.

Acronyms

SSL – Secure Sockets Layer

TLS – Transport Layer Security