Hello everyone,
Recently a new vulnerability called Heartbleed has been sitting on website servers that hits an Encryption Service named OpenSSL. This is popular among many websites.
This attack has not been detected for atleast 2 years but it is unclear exactly how long its been around and how many hackers have known about it. If you put security risks in “pick a number between 1-10, 1 being good, 10 being bad”, this has been noted as 11.
DO NOT PANIC!
Some website services such as Yahoo have come out to say that it is a high chance they were affected. They and many others are currently checking and patching up the vulnerability on their websites so you can be secure again.
So what does this mean?
Well, if a website you use has been affected, the hacker/s have been able to access your password and other details. So this means you will need to change your password to ensure safety, BUT! if you have found sites you use could of been affected, do not change it straight away until it is absolutely clear you have some sort of information the patches have been applied, otherwise all you have done is give the new password to the hacker and have done nothing to help yourself. At this time, this attack has not done severe damage and with the patches being made, should ensure no damage is done in the future.
We will be building a list on this post to list the affected sites and when you can change your password. You can also Google around if you do not want to wait.
Keep safe everyone!
UPDATE:
Pretty much all sites should now have a patch to remove the dangerous bug.
If you are still unsure you are secure, it is now recommended to goto your favourite sites you use to login and change those passwords, if you use the same password on multiple sites, regardless if that site uses OpenSSL or not, there is a chance hackers have your password and will attempt to look for emails and other big personal sites and try your password.
For serious websites like banks and Government departments, check your local news to make sure you are secure.
If you have any questions or still have doubts, comment below or give us a call or email.
