The Long-Awaited iPhone 6 Will Be Here Sooner Than You Think – Here’s What You Can Expect!
While the iPhone 5S is less than six months old, there’s been a lot of rumors about its replacement. And if previous versions are any indication, the...
1 min read
Last week, security researchers revealed details about a dangerous security flaw known as Heartbleed. The security flaw enables cybercriminals to access and steal data from compromised versions of OpenSSL, which is used to secure communications on many major websites on the Internet.
Since the vulnerability was disclosed, there’s been a lot of concern regarding what information can be stolen when the bug is exploited. When Security Watch conducted research to learn more, the results were alarming. According to researchers, a surprising amount of information, including login credentials and personal information, can be stolen by exploiting Heartbleed.
In addition, hackers may be able to steal the server’s private key, which is used to verify the following:
- The device is connecting to a real website.
- The information transferred is encrypted.
If the security flaw allows hackers to steal the server’s private key, the consequences are seriously concerning. Cybercriminals would be able to set up fake websites to intercept personal data, as well as decrypt encrypted network traffic.
Security Watch Puts Heartbleed to the Test!
Security Watch researchers were curious to see what type of information could be stolen by exploiting Heartbleed with a server running a vulnerable version of OpenSSL. During the test, researchers received information from the vulnerable server’s memory. After running tests for the entire day, Security Watch managed to collect a lot of information, including usernames, passwords, and session IDs.
According to one of the researchers, credentials can be stolen very easily and quickly, however, the request had to hit the server at the same time as someone logs in or interacts with the website, in order to steal personal information.
During a second test, researchers attempted to steal the private key from a vulnerable server. While it took hours and consumed a ton of bandwidth, the researchers were eventually successful at obtaining the private key.
For more details on Security Watch’s Test, visit http://securitywatch.pcmag.com/security/322691-heartbleed-is-scarily-easy-to-exploit. To learn more about Heartbleed, give us a call at {phone} or send us an email at {email}. {company} can help you informed regarding the latest security threats and how to protect your business.
Download our eBook
7 Mistakes You're Making Without IT Support
by filling out the form below!
Spend & Enjoy More Time at Home with a Super Home Entertainment Network!
As you’re probably aware, sitting at home watching TV no longer means flopping on the sofa and watching whatever the big networks have scheduled for...
Tis The Holiday Season To Explore Windows 10
The new Windows 10 devices are the perfect business solution for any company looking to capitalize on versatile, secure, flexible, and powerful...
.png?width=288&height=123&name=Valeo-Logo-White%20(1).png){kind=logo}