Saturday, 12 April 2014

‘Heartbleed’ Bug: ‘Change ALL Of Your Passwords’ Warn Security Experts

Unknown  /  at  14:08  /  No comments


Do you listen to sound advice? Is there too much vulnerability on the Internet?  What happens when you get a potentially dangerous issue and don’t listen to what people say?  Let me just say that there will be consequences for sticking your head in the sand, so to speak.  Leading security experts are advising the general public to change their passwords in the aftermath of the Heartbleed bug, found at the very core of the Internet.  If I were you, I would sit up and listen to that advice.
The advice should be considered as a sweeping one. ALL of your passwords should be changed. And yes, that includes your financial banking ones, your email accounts, your social networks and anywhere that you have visited to buy anything online.
heartbleed
The Heartbleed security bug affects a widely used technology known as OpenSSL.  This technology is used to encrypt communications on the Internet.  You will have encountered OpenSSL nearly every time you have visited a website.  You know it is there because there is a visual representation in the form of a little padlock image in the corner of your browser window, indicating the website is ‘secure’
Unfortunately, a team of three security researchers have established a fatal flaw at the core of some versions of OpenSSL, which could have let hackers steal password and other personal data without a trace, leaving no way to follow them, for up to two years.
Whilst the software flaw has been fixed and is being rolled out by different companies worldwide, the problem is too late if your communications have been followed by hackers at any period of time in the last two years.
In the last few days it has become substantially easier for anyone to exploit the hack, security company NCC Group has warned.  “The level of knowledge now needed to exploit this vulnerability is substantially less than it was 36 hours ago…Someone with a moderate level of technical skills running their own scripts – the Raspberry Pi generation – would probably be able to launch attacks successfully and gain sensitive information,” the firm told the BBC.
Meanwhile, the blogging platform Tumblr has advised users to change all of their passwords  and not just for its own site.
They said in a statement, “Bad news. A major vulnerability, known as “Heartbleed,” has been disclosed for the technology that powers encryption across the majority of the Internet. That includes Tumblr.  We have no evidence of any breach and, like most networks, our team took immediate action to fix the issue.  But this still means that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.This might be a good day to call in sick and take some time to change your passwords everywhere—especially your high-security services like email, file storage, and banking, which may have been compromised by this bug.”
A security researcher at Google and three researchers from Codenomicon discovered the bug. Worryingly, the vulnerability has existed since at least December 2011, though it is unclear if hackers have used it.  The team of researchers who found it add that there is a “bright side” to their discovery, “For those service providers who are affected this is a good opportunity to upgrade security strength of the secret keys used. A lot of software gets updates which otherwise would have not been urgent. Although this is painful for the security community, we can rest assured that infrastructure of the cyber criminals and their secrets have been exposed as well.”
OpenSSL released the following statement along with the patch,  “A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server.  Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1. Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley and Bodo Moeller for preparing the fix.”








NOTE: Feel Free To Comment....

Share
Posted in: Posted on: Saturday, 12 April 2014

0 comments:

About

This blog belong to all our youngster friendz, who believe in sharing their knowledge with others and want to try to hackin', crackin' , full version applications at free of cost.
you will found here valuable stuffs.

Labels

adf.ly blocked (1) android (109) Android and PC (19) android games (11) android news (3) android tricks (43) Antivirus (11) Anvsoft (1) apple (40) asha phones (1) avast (1) avast pro antivirus 8 2013 (1) avg (1) AVG pc tuneup 2013 full version (1) avira (1) blackberry (1) blogspot (2) body_language (1) bootable usb (1) Browsers (16) c cleaner pro + business (1) Cheatbook 2013 (1) Chetan Bhagat (1) compressor (1) crac (1) Crack (1) crack + keygen (2) cyberlink power2go full version (1) daemon tools 5.2 full version (1) daemon tools patch (1) defender (2) dictionary (1) direct link (1) DivX Pro 7 (1) Ebook (2) eset (1) etc (1) facebook (16) Firewall (2) free recharge tricks (1) free sms (1) FRUIT NINJA for windows full version (1) full version (8) Full Version MS Office 13 (1) GTA Sandreas (1) hack (4) hack pc (3) hacking using keylogger (1) hardware (1) hiDownload platinum 8 (1) how to (6) how to install .net (1) HTML (1) idm (1) idm crack (1) IDM full version (1) image editor (2) install .net in windows 8 (1) internet tricks (37) iPhone 5c (2) job (1) k j activator (1) kaspersky (2) keygen (2) leaked images (1) license key (1) manual updates (1) mediafire (1) MEDIAFIRE DOWNLOAD (2) mediafire link (2) mobiles (42) music player (1) nfs most wanted (1) Office 13 Activator (1) official site update (1) offline updates (1) patch (4) PC (3) pc customize (1) PC Drivers (2) pc games (15) pc games cheats (11) PC Software (152) PC tricks (146) PdaNET 3.50 (1) PDF (3) phone specifications (43) pic viewer (3) power iso 5.6 (1) premium zbigz account (1) problem with .net in windows 8 (1) review (11) reviews (2) Revolution 2020 PDF (1) science (2) sharebeast download (6) sharebeast link (2) symbian mobiles (2) tech knowledge (33) Tech News (343) tech reviews (146) Torrent To IDM (1) Tune-Up 2014 Full Version (1) Ubuntu Mobiles (1) video player (13) video tutorial (1) Web design (1) window 8.1 tricks (12) windows 8 activator (1) Windows 8 USB Installer Maker (1) windows phones (16) winrar 5 full version (1)
Copyright © 2014 SimplyGet. WP Theme-junkie converted by Bloggertheme9
Blogger templates. Proudly Powered by Blogger.
Related Posts with Thumbnails