Heartbleed bug - OpenSSL has been vulnerable for 2 years

[Mousey]

This is really really a bad thing....

You do not have permission to view link Log in or register now.

......
Attackers can exploit vulnerable versions of the open-source software known as OpenSSL – which runs on millions of web servers – to steal passwords, credit card details, encryption keys and other sensitive data, without leaving any trace.


This means that any data sent over the web during the last two years has potentially been compromised. It is not known how widely the bug has been exploited. However, researchers are advising people to change all of their passwords. ......

 

[Dinahnana]

This is really really a bad thing....

You do not have permission to view link Log in or register now.

Very scary stuff.

 

[BETAT]

An article to add for further info:

You do not have permission to view link Log in or register now.

 

[Mousey]

Feds issue warning: Hackers trying to exploit 'Heartbleed' bug

You do not have permission to view link Log in or register now.

BOSTON (Reuters) - The U.S. government warned banks and other businesses on Friday to be on alert for hackers seeking to steal data exposed by the "Heartbleed" bug, as a German programmer took responsibility for the widespread security crisis.

On a website for advising critical infrastructure operators about emerging cyber threats, the Department of Homeland Security asked organizations to report any Heartbleed-related attacks, adding that hackers were attempting to exploit the bug in widely used OpenSSL code by scanning targeted networks.

Federal regulators also advised financial institutions to patch and test their systems to make sure they are safe.....