heartbleed virusStill don’t understand the flood of information surrounding the Heartbleed vulnerability? Rest assured, you’re not the only one who’s confused. There’s a variety of sources telling us different things, so how can you handle the vulnerability properly? Well, it all starts with understanding the vulnerability itself.

What is Heartbleed?

Google and Codenomicon recently discovered the Heartbleed vulnerability in the popular OpenSSL software library. The vulnerability is essentially a server memory vulnerability, which allows cybercriminals to steal information from the Internet. When you’re using a website with a padlock beside the URL, the web connection is secure and encrypted, possibly by the OpenSSL software.

While the entire database isn’t vulnerable, transactions on websites will be vulnerable while the website is attacked by a cybercriminal. Server memory tends to be as current as the current transaction taking place, which means transactions from hours or days ago aren’t stored in memory; however, it’s imperative to avoid transactions online while the vulnerability is still unresolved.

What Can Be Done to Protect Yourself Against Heartbleed?

You’ve probably been told to change all of your online passwords, however, if a website is still vulnerable, your new password will be vulnerable as well. Here’s a few tips to help you protect yourself against Heartbleed:

  1. Use a site checking tool and check your favorite websites.
  2. Change passwords for vulnerable websites.
  3. Monitor vulnerable websites to verify that they’ve been patched and reissued new digital certificates.
  4. Change your password again after you’ve verified that they’ve been patched and reissued new digital certificates.

Make sure you’re checking all of your commonly used websites. If a website runs on OpenSSL, it should patch the vulnerability and communicate with you to let you know, however, don’t expect all websites to contact their users. Change your passwords, but change them again when an affected site patches the vulnerability.

To learn more about the Heartbleed vulnerability, give us a call at (415) 294-5250 or send us an email at info@ontimetech.com. On Time Tech can help you stay up-to-date and protected against the latest security threats.

Author: Lance Stone, Date: 2014-04-14

On Time Tech is your One Click & Fixed San Francisco Managed IT Services & IT Support Company.

San Francisco IT Support from On Time Tech Allows You Optimum Business Growth

So, your current IT management – whether handled by in-house staff or an outsourced IT management compan[..]

Read More

We’ve Got the “One Click & Fixed” IT Solutions Your California Business Needs

These days, people are looking for convenience in computer support services that don’t waste their time [..]

Read More

The Benefits of Using IT Managed Services 

Discover the many benefits of partnering up with an IT Managed Service Provider. Today, many businesses a[..]

Read More