WARNING new password bug identified

7 replies
Just seen this. Thought I'd share FYI BBC News - Heartbleed Bug: Public urged to reset all passwords (not an affiliate link).
#bug #identified #password #warning
  • Profile picture of the author Jeffery
    Thank you. Nice to know.

    Jeffery 100% :-)
    Signature
    In the minute it took me to write this post.. someone died of Covid 19. RIP.
    {{ DiscussionBoard.errors[9092521].message }}
  • Profile picture of the author Kingfish85
    Verify the servers you're connecting to are fixed first, if they're not, changing passwords isn't going to make any difference. A lot of people re-circulating these articles don't understand how this works.

    EDIT: Also, this isn't specific to just passwords...
    Signature

    |~| VeeroTech Hosting - sales @ veerotech.net
    |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
    |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
    |~| Visit us @veerotech Facebook - Twitter - LinkedIn

    {{ DiscussionBoard.errors[9092528].message }}
  • Profile picture of the author tumichael
    Heartbleed is causing confusion on Internet. After reading a lot of articles, I make this video for better understanding. This is a serious problem so we need to pay attention

    Heartbleed Bug - What Is It EXACTLY? - YouTube
    Signature
    {{ DiscussionBoard.errors[9098425].message }}
  • Profile picture of the author nim84
    I've changed all my emails passwords really, not bothered with others, banks have quite strong security ( i have to use a chip and pin device to log in)
    {{ DiscussionBoard.errors[9098674].message }}
  • Profile picture of the author Mindz
    lol at this. I wonder what propaganda program there running now. Just give it a couple weeks change your passwords again.
    {{ DiscussionBoard.errors[9098697].message }}
  • Profile picture of the author Mo Goulet
    I received this from LiquidWeb...

    If you are receiving this announcement, then you have at least one
    server with Liquid Web that may be vulnerable to a serious security
    flaw.

    On April 07, 2014 a severe vulnerability in OpenSSL was announced. Known
    formally as the "Heartbleed Bug", this flaw allows for the theft of information
    normally protected by SSL/TLS encryption. Specifically, the Heartbleed
    Bug allows memory to be read on systems using OpenSSL 1.0.1 before
    1.0.1g, which can compromise private/secret keys used to encrypt data
    and application traffic. At the very least, this would allow attackers
    to impersonate users and services, and provide a means for data theft.

    Unless automatic updating has been disabled, a patch has been downloaded
    for your system and a system reboot is required to complete the
    process. We encourage you to reboot your server as soon as possible to
    ensure your system is secure.

    Beginning April 10, 2014 at 8pm EDT we will be updating and rebooting
    servers which are found to still be vulnerable to the Heartbleed
    Bug. Due to the nature of this vulnerability, and the volume of servers
    eligible for the update, we cannot accommodate requests for a specific
    reboot time. You may opt out of a server reboot, should you plan to
    apply the update yourself, by simply opening a ticket at
    http://manage.liquidweb.com. If you opt out, Liquid Web will assume
    that you've appropriately patched your servers.

    For further information on the OpenSSL Heartbleed Bug, please refer to
    Update and Patch OpenSSL for Heartbleed Vulnerability | Liquid Web Knowledge Base
    {{ DiscussionBoard.errors[9098708].message }}

Trending Topics