'Heart Bleed' Bug Ravages Web, Users Urged to Change Passwords
Internet security professionals from across the world have been in a panic as the recently discovered "Heart Bleed" bug debuted shortly after being discovered Monday morning. This exploit is perhaps one of the greatest threats to ever surface on the World Wide Web, threatening to reveal sensitive consumer identification information on a massive scale. The exploit, discovered jointly by security engineers working at Google and Codenomicon, is a flaw in popular encryption technology OpenSSL. Much of the angst surrounding the bug is because of how long it has apparently existed, and the very fact that attackers are untraceable.
The bug can be a little tricky to explain, but it revolves around a piece of software called OpenSSL that essentially helps in ensuring user information is encrypted over the internet pipeline; when you're making a purchase online, entering sensitive user details, or sending an email, this technology is at work to safeguard you from prying eyes. However, an exploit in OpenSSL has allowed hackers to gain access to this information for over two years.
Most of the web is believed to be affected by the bug, although no one is certain how widespread attacks might have been over the last two years. At the time of the discovery, Yahoo.com was the only major internet company to be affected by 'Heart Bleed'; companies such as Amazon and Facebook are unaffected, however, they may have run the bugged software at one point in time. According to a Netcraft web survey, over 66% of websites online are believed to be affected by the exploit.
One internet security firm, Fox-IT, simulated an "attack" on Yahoo to conclude how devastating the bug is overall. Ronald Prin, an analyst that led the simulation, tweeted that "We were able to scrape a Yahoo username & password via the Heartbleed bug," eventually adding that "... ran my heartbleed script for 5 minutes, now have a list of 200 usernames and passwords for yahoo mail...TRIVIAL!" Since the time of this simulation, Yahoo has already applied patches preventing further exploit.
Tuesday night, at approximately 9PM, Plymouth servers were taken down to apply security upgrades. According to a post by JoAnn Guilmett, Director of Client Services at Plymouth State, "A critical vulnerability has been identified that impacts a number of PSU's systems including myPlymouth and its related services (such as Moodle, Mahara, Self-service Banner, Banner INB, and PSU blogs)." These services have long since been restored, and downtime is likely related to the exploit's discovery.
It is highly advisable that anyone who is concerned with their internet security to immediately change their passwords for any service they use, and to presume their information has been compromised. It is important that this information is passed on to as many individuals as possible, as remedying the overall solution requires effort from both web administrators, who may not know of the exploit, and users alike.
Get Top Stories Delivered Weekly
More theclockonline News Articles
- The Afrofutures of Feminism: Young, Gifted, and Black
- A Weekend of Darkness
- Elizabeth Warren Visits PSU
- Freedom of Speech at PSU
Recent theclockonline News Articles
Discuss This Article
MOST POPULAR THECLOCKONLINE
Campton Elementary School 8th Grade Silent Auction & Spaghetti Dinner By Rebecca Tgibedes
Will You? By Isabelle Elsasser
Summer in the Sunflowers By Emily Holleran
Student Spotlight: Sabrina Siegel By Justine Walsh
GET TOP STORIES DELIVERED WEEKLY
FOLLOW OUR NEWSPAPER
LATEST THECLOCKONLINE NEWS
RECENT THECLOCKONLINE CLASSIFIEDS
OUTSIDE THE LINES
- Tips For Improving Mental Health
- New Writers and Illustrators Win Decades-Old Science...
- Moving Resources For Military Families
- Historic Agreement Signed By Red Cross and Armed Forces
- Salonpas® Brand Stands the Test of Time
- Tips to “Yard Your Way” This Spring
- Upgraded Upstate Power Grid Will Deliver a Smarter,...
- A Story To Sing About
- The Gap in Gum Care: Why Caring For Your Teeth’s F...
- Top Tips for Signature Scents and Better-Smelling Laundry
FROM AROUND THE WEB
- BookTrib’s Bites: Jump into Spring with These Four Reads
- The Untold Story of GoDaddy Founder’s Traumatic Life a...
- La Semana del Aprendizaje Juvenil destaca las oportunidades
- BookTrib's Bites: Four Captivating Spring Reads
- Moms Kick Back with Mamaritas
- Generac Urges Americans to Prepare for Power Outages Early
- Youth Apprenticeship Week Spotlights Opportunities
- New Expo Showcases AI Innovation
- Self-Care and Mental Health Tips for Caregivers
- Adventure Awaits: Discover the Playset that Brings...
COLLEGE PRESS RELEASES
- NOW Available: Comcast Launches NOW Brand Prepaid Internet and Mobile Services Nationwide
- Guidenar Launches New Career Test for Gen Z
- GotIt! Education Offers MathGPT Free to All State & Community Colleges
- Shoff Promotions Comic Book & Sports Card Show
- Semiconductor Research Corp unveils 2024 Research Call, $13.8M Funding