Limited time offer









NEWS ALERT! Massive security flaw threatens Internet

Heart Bleed bug exploits popular encryption tool – most Internet servers affected – fix is available but needs to be applied swiftly – even cyber criminals are exposed.
An enormous security flaw has been discovered that threatens the entire Internet. Dubbed Heart Bleed, its panicked internet services providers and sent many system administrators – the people who look after an organisation’s computer networks – into a bit of a frenzy.
The vulnerability is in something called OpenSSL which is enormously popular open-source software that is broadly used to encrypt web communications. It’s widely thought to affect the majority of servers that drive internet traffic.  The vulnerability allows attackers to read the memory of a vulnerable server essentially leaking the memory content of what the server sends and receives from users, hence its name Heart Bleed. However, only up to 64k of memory can be read but that said, the attack can be repeated indefinitely allowing attackers to keep going back for more information. A server’s memory includes user details, passwords, everything that is communicated to and from the server and also SSL private keys.  If these keys are stolen hackers can eavesdrop on communications, steal data from the service and users and also impersonate services and users. It’s difficult to overstate the number of websites that could be vulnerable but think in terms of some social networking sites, all manner of company websites, e-commerce operations and even government run websites and you’ll get some sense of the scale.   However, not all web sites or services are affected. For example, we know that Facebook, Twitter, Gmail, Linkedin and Microsoft are not vulnerable to the potential exploit. It’s not known whether the vulnerability has been exploited by hackers yet. But it could have been. And if so, hackers are certainly not going to put their hands up and admit to it. Researchers have already demonstrated how successful exploitation can take place by targeting the vulnerability.  This site provides some information and it also offers a means for you to check whether you are vulnerable via a ‘heartbleed’ test. The good news is that another version of OpenSSL has been released which addresses the vulnerability.  There is also a sense of urgency that the fix needs to be applied as soon as possible and we understand that this process is already happening but how soon and how widespread it’s difficult to say. Ironically, the Heart Bleed exploit also means cyber criminals’ infrastructure and their secrets have also been exposed.
Filed under: Uncategorized

Written by Steve Bell

Steve has a background in IT and business journalism and has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies producing content producing. He has a particular focus on IT security and has produced several magazines in this area.

More articles by Steve Bell


  • mrs j davis

    28 Jun 2014, 20:46

    please confirm i am securely covered by bulldog

Leave a Reply




Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.