Skip to content
Menu
Bayou Technologies | Lake Charles, Louisiana | Technology | Cybersecurity | Communication | Marketing
Computer IT Services & Marketing
  • Technology
    • Managed Services
    • Computer Repair
    • Consulting
  • Cybersecurity
    • BDR
    • Network Security
    • Computer Security
    • Data Recovery
  • Communication
    • Cabling
    • Wireless Networking
    • Phones
  • Marketing
    • Website Development
    • Search Engine Optimization
    • Social Media & Online Presence
    • Location Scan
    • Website & Email Management
    • Online Advertising
    • Multimedia Design
    • Newsletter
  • CALL: 337-214-1172
Widgets

HOME  |  BLOG  |  REMOTE SUPPORT

Home
Support
Blog
Contact
Close Menu
Google Shopper comes to the iPhone
April 17 2014

What To Do About The Heartbleed Bug

wukovits Uncategorized Heartbleed Bug, LastPass, OpenSSL, Secure Sockets Layer, SSL, TLS, Transport Layer Security, VPN

The Heartbleed BugMost recently the technology sector was shaken by the discovery of the Heartbleed Bug, a serious vulnerability for Internet security. This affects nearly everyone that has some sort of online account, and understanding the issue is important, as is utilizing a smart approach to protect yourself.

The Heartbleed Bug is a weakness in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, which serve to provide secure Internet transactions between web browsers and web servers. Almost anytime you provide login information for a website, that website’s server is using SSL/TLS encryption to provide communication security and privacy for your login information. Many websites utilize the OpenSSL cryptographic software library and herein lies the security hole.

When a web browser and a web server are passing data back and forth, they “check” to see if the other computer is still available by sending a small packet of data, or a “heartbeat”, which is then confirmed by the other machine. The Heartbleed Bug allows hackers to send a false packet of data which fools the other machine into sending data stored in memory, which could provide the hackers with access to quite a bit of sensitive login information.

Another point of concern is that the flaw, though just discovered, has been active for at least two years and is undetectable by current standards. If you read any news on the Internet, I’m sure you’ve seen a lot of articles about this and the need to go change your passwords, but WAIT!

If you go and change your password and that website server hasn’t updated their OpenSSL software library, that change is all for naught: the flaw is still in place. You’ll need to verify that the web server is running the “safe” OpenSSL version before you change your password.

There exist a few places that will allow you to check a website for this vulnerability, and I recommend you go start checking the websites you use.

https://filippo.io/Heartbleed/

https://www.ssllabs.com/ssltest/

https://heartbleed.criticalwatch.com/

https://lastpass.com/heartbleed/

The last site I mentioned is something the folks at LastPass were nice enough to let people use. Anyone that uses their free password management service has access to a few other tools that allow you to check for ALL your passwords that you store with them. Their scanner also works a little differently and checks for other past vulnerabilities and steps to take to ensure your privacy. I’m a wholehearted supporter of LastPass and strongly suggest you give their free service a try.

It should be noted that the Heartbleed Bug could very well continue to affect our Internet as we know it, with the vulnerable OpenSSL software library baked into a variety of Internet hardware and third-party security products, like Virtual Private Network (VPN) tools and commercial firewall products. For businesses that maintain their own servers with VPN networks in place, you’ll need to check with your IT people to make sure you’re going to be safe.

Don’t delay and start checking the security of the websites you use immediately. If that website hasn’t patched their OpenSSL, then wait to change your password until they do.

Make Your Facebook Experience Better Shipping + Streaming = Amazon Prime

Related Posts

Hackers Are Using DDOS Attacks To Profit Off Businesses

Blog, Business Advice, General Interest, Ransomware, Recent News, Security, Technology News, Uncategorized

Hackers Are Using DDOS Attacks To Profit Off Businesses

New Version Of Jupyter Malware Spotted In The Wild

Blog, General Interest, Malware and Virus Protection, Recent News, Security, Technology News, Uncategorized

New Version Of Jupyter Malware Spotted In The Wild

Cisco Data Center Manager Software Users Should Patch Immediately

Blog, General Interest, Malware and Virus Protection, Recent News, Security, Technology News, Uncategorized

Cisco Data Center Manager Software Users Should Patch Immediately

Recent Posts

  • Large Supermarket Chain Kroger Suffers Data Breach
  • Google To Add Password Breach Prevention Feature To Android
  • Trusted Google Domain Helped Hackers Get Past Security

Archives

Categories

Get a Domain Registered


$.99* .COM Domain! Get going with GoDaddy!

Back To Top
Bayou Technologies | Lake Charles, Louisiana | Technology | Cybersecurity | Communication | Marketing
  • Home
  • Technology
  • Cybersecurity
  • Communication
  • Marketing
  • Newsletter
  • Blog
  • Support
  • Contact

BBB Logo

Bayou Technologies, LLC
✖
Bayou Technologies is a BBB Accredited Busines
A+
On a scale of A+ to F

Reviewed, Evaluated and Accredited

Meets All 26 Standards of Accreditation

BBB Accredited since 1/1/2012

Click here for BBB Business Report on Bayou Technologies, LLC

BBB Accredited:

BBB Rating as of:

Verify Bayou Technologies, LLC
Bayou Technologies, LLC © 2019
Website Development and Marketing in Lake Charles, Louisiana
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT