Everything You Need to Know About Heartbleed: The Latest and Greatest Threat to Your Data

heartbleed virusStill don’t understand the flood of information surrounding the Heartbleed vulnerability? Rest assured, you’re not the only one who’s confused. There’s a variety of sources telling us different things, so how can you handle the vulnerability properly? Well, it all starts with understanding the vulnerability itself.

What is Heartbleed?

Google and Codenomicon recently discovered the Heartbleed vulnerability in the popular OpenSSL software library. The vulnerability is essentially a server memory vulnerability, which allows cybercriminals to steal information from the Internet. When you’re using a website with a padlock beside the URL, the web connection is secure and encrypted, possibly by the OpenSSL software.

While the entire database isn’t vulnerable, transactions on websites will be vulnerable while the website is attacked by a cybercriminal. Server memory tends to be as current as the current transaction taking place, which means transactions from hours or days ago aren’t stored in memory; however, it’s imperative to avoid transactions online while the vulnerability is still unresolved.

What Can Be Done to Protect Yourself Against Heartbleed?

You’ve probably been told to change all of your online passwords, however, if a website is still vulnerable, your new password will be vulnerable as well. Here’s a few tips to help you protect yourself against Heartbleed:

  1. Use a site checking tool and check your favorite websites.
  2. Change passwords for vulnerable websites.
  3. Monitor vulnerable websites to verify that they’ve been patched and reissued new digital certificates.
  4. Change your password again after you’ve verified that they’ve been patched and reissued new digital certificates.

Make sure you’re checking all of your commonly used websites. If a website runs on OpenSSL, it should patch the vulnerability and communicate with you to let you know, however, don’t expect all websites to contact their users. Change your passwords, but change them again when an affected site patches the vulnerability.

To learn more about the Heartbleed vulnerability, give us a call at (425) 998-9199 or send us an email at cslade@silvertipit.com. Slivertip IT can help you stay up-to-date and protected against the latest security threats.

IT Support Companies in Seattle

“I can’t emphasize enough how much we rely on and trust the IT professionals from Silvertip IT. Silvertip is always available when needed, whether remotely, in our office, or over the phone.  We can rely on Silvertip IT whether it’s during office hours, evening hours, or on weekends. And believe me, we needed them because before they we found Silvertip we had our share of IT issues!”

-Shimizu and Shimizu CPA
read more»