Internet Users Told to Change ALL Passwords in Security Alert Over 'Catastrophic' Heartbleed Bug

10 years ago - April 10, 2014
bugshackerssecurity
Internet Users Told to Change ALL Passwords ...
Internet users have been warned to change all their computer and phone passwords following what could be a ‘catastrophic’ security breach.

Major technology firms have urged the public to immediately update their online security.

The alert is the result of the discovery of an internet bug called ‘Heartbleed’, which is able to bypass computer security settings.

As a result, personal information such as passwords and credit card details has been accessible.

Heartbleed, so called because it creates a ‘bleeding’ leak of security, is a flaw in OpenSSL, the software used by the majority of websites to keep data secure.

The programme works by encrypting data – such as emails, instant messages, bank details or passwords – making it look like nonsense to hackers.

When a line of communication is secure and information encrypted, the user sees a padlock on the page. When software is active, one computer may send a ‘heartbeat’ – a small packet of data – to check there is still another computer at the other end.

However, a flaw in the programming meant it was possible to trick the computer at the other end by sending it a packet of data that looked like one of these heartbeats. This made it possible for hackers to impersonate the website and steal the encryption keys, revealing the data being sent.

The bug was found simultaneously by a Google security researcher and a small Finnish security firm named Codenomicon and disclosed on Monday night.

Many companies have installed a ‘patch’ to fix the flaw, but there are still many that are vulnerable as service providers must install the update.

Furthermore, it is not known whether hackers had used it before the bug came to light – it went undiscovered for two years – as doing so would not leave a trail.

One of the worst affected sites was Yahoo!, who posted a warning on their blogging site Tumblr to say: ‘The little lock icon we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible.’

A spokesman for Codenomicon said: ‘If people have logged into a service during the window of vulnerability then there is a chance that the password is already harvested.

‘In that sense it’s a good idea to change the passwords on all the updated web portals.’

However, researcher Mark Schloesser said changing a password on websites that have not fixed the bug could reveal ‘both the old and new passwords’ to an attacker.

 

Text by Daily Mail

We also recommend

Apple's latest security flaw is a 'text bomb'

Apple's latest security flaw is a 'text bomb'

Software developer Abraham Masri claimed to have found the bug, called "chaiOS," and posted it on programming site GitHub on Tuesday afternoon. The so-called "text bomb" typically causes an iPhone to crash and, in some cases, restart. A newly discovered security flaw is affecting Apple's iPhone and Mac computers.

6 years, 3 months ago

New computer virus spreads from Ukraine to disrupt world business

New computer virus spreads from Ukraine to disrupt world business

A cyber attack wreaked havoc around the globe on Wednesday, crippling thousands of computers, disrupting operations at ports from Mumbai to Los Angeles and halting production at a chocolate factory in Australia.

6 years, 10 months ago

Yahoo hack: Should I panic?

Yahoo hack: Should I panic?

Yahoo has said data from more than one billion accounts may have been hacked.

7 years, 4 months ago

Yahoo Will Reveal ‘Massive’ Loss of User Data, Recode Says

Yahoo Will Reveal ‘Massive’ Loss of User Data, Recode Says

Yahoo! Inc. is preparing to disclose a “massive” data breach of its main service, Recode reported, just as Verizon Communications Inc. prepares to take over the ailing internet company’s core assets.

7 years, 7 months ago

FBI chief James Comey recommends taping over your webcam

FBI chief James Comey recommends taping over your webcam

He likened it to locking your car and your house at night.

7 years, 7 months ago

Brazzers porn account holders exposed by hackers

Brazzers porn account holders exposed by hackers

The names of almost 800,000 registered users of porn site Brazzers have been exposed in a data breach.

7 years, 7 months ago

Tags Cloud
2010accidentsadvertisingAfrAsiaafricaagalegaagroAir Franceair mauritiusAirlinesairportairway coffeeAlvaro SobrinhoamazonAmeenah Gurib-FakimAMLandroidApollo Bramwellappleappointmentsappsarrestasiaauditaudit reportaustraliaaviationawardsBABagatelleBAIBangladeshbankbanksbarclaysbeachbeachesBeau Bassin-Rose HillbetamaxBOIboko haramBollywoodBOMbombingbpmlBPOBramer BankbrazilbrexitbudgetBusinessCanadacanecareercareer tipscasinoCCIDCCMCEBcementChagosCHCchinaCIELcigarettesconferenceConfinementCongoconstructioncontestCoronaviruscorruptionCourtCourtscouvre-feuCOVID-19CPBCPEcreativitycrisiscruise shipsCSOCT PowerCultureCurepipecustomerscustomsCWAcyclonedamDawood RawatDBMdeficitdenguedevelopmentdoctorsDomaine les PaillesDPPdrug traffickingdrugsDTAADuty FreeearthquakeebolaecoécoleseconomyEducationEgyptelectionselectoral reformelectricityEmiratesEmtelenergyENLentrepreneurshipEUEuropeeventsexamexamsexpoexportfacebookfairfarmersfeeFIFA World CupfinancefinancesFirefishfishingFlacqFlic-en-FlacFloodsfoodFootballforecastforeign workersFrancefraudfruitsFSCfuelfunnyGAARgamblinggamesgasgazaGermanygooglegovernmentGRAgreengreen energyhackershajjhawkershealthhealthcareHeritage Cityhistoryholidayshorse racingHospitalhotelhotel businesshotelshow toHRHRDCHSBCHSCIBLICACICTICTAID cardillegal fishingIMFimportindiaIndian OceanIndonesiainflationinfrastructureinnovationsinsuranceinternetInterviewinterview tipsinvestmentinvestmentsiosiPadiphoneiraniraqIRSISISisraelITItalyjapanJin FeijobjobsjournalismKenyaKPMGlandlawlawslayoffsleadershipLepeploanslocal governmentLockdownlotteryLRTLufthansaMadagascarmalaysiamalaysia airlinesmanagementmanagement tipsmanufacturingmarketmarketingmarketsMauBankMauritiansmauritiusMBCMCBMCCImeccaMedical CouncilmedicamentsmedicineMedPointmeetingMEFMESMetro ExpressMEXAMicrosoftMIDMIEmigrationminimum salaryminimum wageMITDmlMMMmoneymoney launderingmotivationmoviesMozambiqueMPAMPCMPCBMRAMSCMSMMTMTCMTPAMusicMV BenitaNandanee SoornackNarendra ModinatureNavin RamgoolamNavind KistnahNCBnceNDUnetworkingNew Mauritius HotelsNHDCNigeriaNobel Prizenorth koreaNTCNWCCofficialsoffshoreoilOlympic GamesOmnicaneorangeOUMPakistanpalestineparliamentPaul BérengerPhilippinesPhoenix Beveragespicture of the daypiracyplagePMPMOpmsdPNQpolicepoliticsportPort LouisPort-LouispostPravind JugnauthPRBpricepricesproblemprostitutionprotestspsacPSCpsychologyPTRpublic servicequatre-bornesrainsRakesh Gooljauryratingsreal estatereformsrepo rateRESrestaurantsresultresultsReunionriceroadsRoches-Noires caseRodriguesRogersRose-HillRoshi BhadainRussiaSAJsalariessalarysalessamsungsaudi arabiasbmSCscamscandalscholarshipscholarshipsSchoolschoolssciencesecuritySeychellessharksshootingshoppingshopping mallSICsicomsingaporeSITskillssmart citysmartphonesSMeSMEDASobrinho casesocial mediasocial networks & messengerssolar energysouthsouth africasouth koreasportSportsstartupsstatisticsstatsSTCstrategystreet vendorsstrikestudysuccesssugarSun Tan caseSunkai casesyriaTAtabletsTanzaniataxtax heaventaxesteaTECtechnologytelecomterrorismtextilethailandthefttime managementtipstourismtradingtrainingstransporttrendstunaTurfTurkeyTVtyphoonukukraineunemploymentunionsuniversityuomUSUTMvacanciesVacoas Popular Multipurpose Cooperative SocietyVacoas-Phoenixvarma casevegetablesVideo of the DayvisaVishnu LutchmeenaraidooWaterWaterparkWeatherWhitedot Casewi-fiWMAWorld BankXavier-Luc DuvalYEPzimbabwe