The Heartbleed Security Issue and the Passwords You Need to Change

Home » Web Design Blog » TrueHit News » The Heartbleed Security Issue and the Passwords You Need to Change

The Heartbleed security flaw is a serious vulnerability in the popular OpenSSL cryptographic library. This weakness allows hackers to steal protected information, under normal conditions, by the SSL (https://www.YourWebsite.com) encryption used to secure the Internet.

The good news is that a patch has been issued for this security flaw. We have implemented this fix on our servers as soon it was issued and most organizations are doing the same around the globe.

The bad news is that you really should change most of the passwords you are using around the web.

If you need to know if your website is still vulnerable, contact us for our services, and we will test your website.

We suggest changing your passwords to all accounts, including:

Website Control Panels
WordPress Installs
All Online Financial Accounts
Facebook
Instagram
LinkedIn
Pinterest
Tumblr
Twitter
All Google Services (Gmail, Google+, YouTube and so on…)
All Yahoo Services (Yahoo Mail, Yahoo Stores, and so on…)
Amazon Web Services
Etsy
GoDaddy
Flickr
Netflix
SoundCloud
USAA
Dropbox
GitHub
IFTTT
OkCupid
SpiderOak
Wikipedia
Wunderlist

The Heartbleed bug is also present in hardware, such as some routers and switches, have also been affected.

Cisco
Cisco is currently investigating its product line for affected products and will issue free software updates that address the vulnerabilities.

F5 Networks
F5 Networks says that some of its virtual servers with a specific SSL profile are vulnerable. Management interfaces are also vulnerable.

The company has noted versions known not to be vulnerable on its website, and customers can upgrade to these versions.

Juniper Networks
Juniper Networks has posted a list of vulnerable, not vulnerable and under-investigation products. It is working on providing fixed versions of code for its products as well as workaround solutions.

FortiGuard
FortiGuard has issued a firmware update for its FortiOS. Firmware updates for FortiAuthenticator, FortiMail and FortiRecorder will be available on April 11. Firmware release dates for other products is pending.

 

 

Resources and Other Links
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-fb-main-link
http://mashable.com/2014/04/10/heartbleed-networking-routers/
http://heartbleed.com/