Internet users told to change ALL passwords in security alert over 'catastrophic' Heartbleed bug

-
LastPass Heartbleed Checker warns if a website may be at risk. It also reveals websites that aren't affected


As a result, personal information such as passwords and credit card details has been accessible.
Heartbleed, so called because it creates a ‘bleeding’ leak of security, is a flaw in OpenSSL, the software used by the majority of websites to keep data secure.
The programme works by encrypting data – such as emails, instant messages, bank details or passwords – making it look like nonsense to hackers.
When a line of communication is secure and information encrypted, the user sees a padlock on the page. When software is active, one computer may send a ‘heartbeat’ – a small packet of data – to check there is still another computer at the other end.
However, a flaw in the programming meant it was possible to trick the computer at the other end by sending it a packet of data that looked like one of these heartbeats. This made it possible for hackers to impersonate the website and steal the encryption keys, revealing the data being sent.

The bug was found simultaneously by a Google security researcher and a small Finnish security firm named Codenomicon and disclosed on Monday night.
Many companies have installed a ‘patch’ to fix the flaw, but there are still many that are vulnerable as service providers must install the update.
Furthermore, it is not known whether hackers had used it before the bug came to light – it went undiscovered for two years – as doing so would not leave a trail.

One of the worst affected sites was Yahoo!, who posted a warning on their blogging site Tumblr to say: ‘The little lock icon we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible.’
A spokesman for Codenomicon said: ‘If people have logged into a service during the window of vulnerability then there is a chance that the password is already harvested.
‘In that sense it’s a good idea to change the passwords on all the updated web portals.’
However, researcher Mark Schloesser said changing a password on websites that have not fixed the bug could reveal ‘both the old and new passwords’ to an attacker.
By Rebecca Evans and Tania Steere

Comments

Post a Comment

Message Sent

Popular posts from this blog

POS Transactions Increase to N24 Billion Monthly – CBN

-
Image
The Central Bank of Nigeria (CBN) said Point of Sales (POS) transactions value had increased from N38 million per month in 2012 to N24 billion monthly in June, 2014This is contained in a report on e-payment transactions released by the apex bank in Abuja on Monday.According to the report, mobile money transaction values up to N819 million monthly.“The POS transaction increased in volume from less than 2000 in January 2012 to 1.6 million per month as at June 2014.“Over 150,000 POS terminal is presently across the country and 22 mobile money operators has been licensed,’’ it added.It added that licensed Payment Terminal Service providers increased from five to 10 to increase POS terminal penetration across the country.It noted that Nigeria Inter Bank Settlement System (NIBSS) instant Transfer had increased in volume from 87,000 transactions a month in January 2012 to 3.1 million transactions a month as at June 2014.
Read more

Meet the world's hottest transgender - Amiyah Scott

-
Image
Yep, all that used to be male. Her name is Amiyah Scott, but she was born ‘Arthur Scott’ in New York in 1988. She's a transgender model and make-up artist. Arthur started the process of turning into a woman when he was 17. He got breast augmentation, booty shots, light filler in the cheeks etc etc.  by linda ikeji       
Read more

Streaming search engine, JustWatch launches in South Africa

-
Image
JustWatch, a search engine for online streaming, has launched in South Africa with the aim of connecting movie fans with their favourite contents worldwide. JustWatch help users find out where to watch movies legally. They can easily search through streaming services like Netflix, iTunes, ShowMax, BoxOffice, Google Play et al, and instantly find out what’s new and popular in the streaming world. The platform comes with some amazing features such as the Timeline which features all recently added movies, sorted by service and the Watchbar, which remembers individual settings. Users can also can customize their search whether you are looking for the newest streams or most popular movies. Further filter options include release year and favourite genres.
Read more