Windows and Outlook search annoying you? Be in to win one of ten Lookeen Desktop Search licenses now

Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Heartbleed vulnerability major issue for website owners
Posted on 9-Apr-2014 14:04. | Tags Filed under: News.



InternetNZ (Internet New Zealand Inc) and the New Zealand Internet Task Force (NZITF) are today warning website owners that their site’s security may have been breached and private information, including logons and passwords, may have been stolen after the HeartBleed vulnerability was identified in the last 24 hours.

InternetNZ CEO Jordan Carter said website owners are advised to check their sites and patch them where required. Individual users should change their passwords as a matter of course.

“Website owners shouldn’t panic, but quick action is required by those using vulnerable versions of OpenSSL,” said Mr Carter.

The vulnerability in OpenSSL software, commonly used to secure web sites, is easy to exploit and virtually impossible to detect when it has been exploited. Any web site using a vulnerable version of OpenSSL may have been attacked by criminals stealing data or eavesdropping on communications to and from the site. Now that this vulnerability is widely known the likelihood of criminals using this exploit are significantly higher.

To fix the vulnerability, website hosts are advised to follow the below list in the order provided:

1. Establish if your site’s servers are vulnerable. This can be done by visiting https://www.ssllabs.com/ssltest
2. Patch the vulnerable servers.
3. Revoke/reissue certificates. This is an extremely important step as the servers may have been compromised for some time, without detection.

Patching alone will reduce the risk of future data compromises, however it cannot protect data that has already been captured. As usual, individuals should have separate passwords for different log-ins, and InternetNZ and the NZITF recommend changing those passwords regularly.



comments powered by Disqus


Trending now »

Hot discussions in our forums right now:

Anyone know what this object is.
Created by psychrn, last reply by SepticSceptic on 11-Feb-2016 12:35 (18 replies)
Pages... 2


Netflix Crackdown - have you been affected?
Created by Paul1977, last reply by dclegg on 11-Feb-2016 12:05 (361 replies)
Pages... 23 24 25


Anyone know what this symbol on the footpath is? Circle with H's around it
Created by timmmay, last reply by timmmay on 11-Feb-2016 11:15 (17 replies)
Pages... 2


What would you do if you got this text?
Created by kiwifidget, last reply by andrew027 on 11-Feb-2016 10:52 (17 replies)
Pages... 2


Whats something small that really annoys you?
Created by Finch, last reply by Rikkitic on 9-Feb-2016 10:05 (473 replies)
Pages... 30 31 32


Sex toys and Waitangi Day - Whats your take on the flip flopping day.
Created by Mspec, last reply by Reciprocity on 11-Feb-2016 10:06 (112 replies)
Pages... 6 7 8


What is H/P Out?
Created by simon14, last reply by gbwelly on 8-Feb-2016 21:02 (14 replies)

2.4ghz Wifi - You just can't win
Created by Yabanize, last reply by 1101 on 11-Feb-2016 11:24 (36 replies)
Pages... 2 3