We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

croom new

Preferred Blog

Preferred has been serving the Tinley Park area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Heartbleed Bug Threatens Popular Websites!

On April 7th, a new bug on the Internet was discovered that's putting millions of users' personal data at risk. Given the name "Heartbleed bug," it's capable of allowing infiltrators to collect information while you are securely browsing a SSL/TLS website. Since SSL/TLS is so widely used, it's very probably that your personal data is at risk.

What the Heartbleed bug essentially does is render privacy in the OpenSSL cryptographic library obsolete. Two of the biggest and most publicized websites affected that utilize OpenSSL security are sites associated with Google and Yahoo. These sites are getting the most media attention in regards to Heartbleed, but the fallout actually goes beyond these two sites and touches on every single website that uses OpenSSL security--which equates to more than two-thirds of all websites in the world!

The Heartbleed bug only applies to version 1.0.1 and 1.0.2 of OpenSSL. This vulnerability allows hackers to obtain private keys needed to view, and even steal, private information associated with a user's breached account. If your online accounts are affected and your identity is stolen, then you will be in for a world of heartache.

At this point, you and millions of users around the world are asking the big question, "How could something like this happen?" Apparently, the problem lies not in the SSL/TLS specifications, but rather, the vulnerability stems from an implementation problem. It turns out that a programming mistake is responsible for leaking information from services and applications using OpenSSL. Typically, a bug of this nature is detected and fixed as soon as it's found (which is why it's so important to update your software). However, this bug wasn't taken care of, and to make matters worse, this particular bug has been exposing sensitive data to hackers going all the way back to December 2012.

How do you know if you've been hit by the Heartbleed bug? Unfortunately, you can't know for sure. The bug leaves no trace of a hacker's activity, which means that you won't know that you've been hit until:

  • Charges show up on your credit card statement.
  • You find yourself locked out of your accounts.
  • You see a bogus loan taken out in your name.
  • You find yourself victimized by any other of the fallouts associated with identity theft.

The number of websites affected is pretty massive. To help you find out if a website that you frequently use is compromised by the Heartbleed bug, check out this list from GitHub of the most popular websites left vulnerable by the bug.

You can also enter the websites that you frequent into this Heartbleed bug checker from LastPass. This tool will inform you if the website in question has applied a security patch or not.

If you have accessed an affected site over the past two years, you should change your password immediately. In fact, because of threats like the Heartbleed bug, it's a best security practice to regularly switch out old passwords for new ones. We recommend doing this exercise once per quarter.

To find out for sure if your company has been breached or not by the Heartbleed bug, you can give Preferred a call at 708-781-7110. We can arm your business with our Unified Threat Management tool, which is the top enterprise network security solution on the market. Reach out to us today to find out more.

What’s the Secret to Multitasking?
Wearable Technology Just Got a Facelift
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, December 23 2024

Captcha Image

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      Qr Code

      Blog Archive

      Latest Blog Entry

      With Christmas a couple of days away, most of us are either wrapping up our shopping or wrapping up the presents we’ve already purchased. If you are looking for a last-minute gift to give the tech lover in your life, here are three that we found really cool.

      Latest News

      Best Places to Work - 5 YEARS STRONG!!

      Preferred is once again, honored for being a Best Place to Work for the fifth straight year!  Our team is what makes Preferred a Best Place to Work.  

      Daily Herald Suburban Business 2024 Best Places to Work Honorees The Daily Herald Suburban Business has announced the names of 51 companies, in 5 categories of competition, that are honored as the 2024 Best Places to Work in Illinois. This statewide survey and awards program was designed to identify, recognize and honor the best places of employment in Illinois, benefiting the state's economy, its workforce and businesses.