Putting the squeeze on the Heartbleed bug
| Posted by absolute
A vulnerability in OpenSSL software has potentially exposed the personal details of millions of web users.
OpenSSL is designed to protect sensitive data as it passes across the network and can be found in lots of major web servers, operating systems, email services and instant messaging systems.
This new Heartbleed security threat exploits a vulnerability in the software responsible for handling SSL (https) requests on websites. It affects everyone from internet giants like Yahoo! and Amazon right down to smaller hosting companies and individuals.
We’ve been quick to respond to this threat and plug any potential security holes. Our upstream vendors have provided us with a patch to resolve the issue and we’ve applied it across all of our servers. We also thoroughly tested them to ensure that they are no longer under threat, ensuring that all the websites we host are now secure.
This has been a major security breach and as such we can’t recommend enough that you take steps as soon as possible to ensure all of your own business and personal web assets are secure. To re-iterate the advice of OpenSSL, Google and many others, you should reset all the passwords on all of your online accounts - particularly ‘high profile’ services such as email, online banking and file storage. If you’re unsure what to do you can check the security of your website by going to http://filippo.io/Heartbleed/.
If you have any more questions about the Heartbleed bug or would like advice on secure web hosting feel free to give Ant Scarborough a call on 0115 953 4800 ext 204