OpenSSL, an extremely widespread cyptographic library used for Internet security, has just announced a major security breach and the patch to fix it. How bad is it? Pretty bad. The bug allowed hackers to view data in a server’s system memory without leaving any trace. This type of data can include passwords, sensitive documents, encryption keys – anything. How do I fix it? If you use one of the affected versions of OpenSSL, your security professional will have to install the patched version, reset your encryption keys, and take other appropriate steps related to a possible server compromise. For more details, see the official breakdown of the Heartbleed bug. Times like these are why you should always, always make backups.
Image Source: Flickr
By Sharon Campbell