Showing posts with the label Risk

Are You Affected by the HeartBleed Bug

HeartBleed Bug is a vulnerability found in the OpenSSL software using in many servers. Details of the bug can be found in The HeartBleed Bug site. I did not realize the seriousness on this until I started seeing list of compromised sites.

A simple to understand list is found in Mashable and a more comprehensive list is found in Github site. However, both sites will only provide you the list of sites they have tested. If you have sites that are not listed and would like to check it yourself, you can use the online tool provided by LastPass.

Some sites I tested do not provide enough information to the tool so am not sure whether it is vulnerable or not and whether it has been patched. To be safe, if unsure, just change the password.

A better tool for checking is available here.
Another tool for checking but goes beyond only Heartbleed.available here.

A graphical explanation of the exploit can be found here.

Found a Q&A on this topic.