• Blog
  • 2 MINUTES READ

Heartbleed Bug

  • POSTED ON
  • April 15, 2014
  • POSTED BY
  • Muhammad Asim
  • POSTED ON April 15, 2014
  • POSTED BY asim

Security vulnerabilities have serious ramifications for users across the web and the popular Heartbleed vulnerability in OpenSSL library is one of them. A critical vulnerability nicknamed “Heartbleed” was discovered in OpenSSL, the most popular SSL module used on Linux/cPanel servers. This exploit allows a third party to steal information that would otherwise be secured and

Security vulnerabilities have serious ramifications for users across the web and the popular Heartbleed vulnerability in OpenSSL library is one of them. A critical vulnerability nicknamed “Heartbleed” was discovered in OpenSSL, the most popular SSL module used on Linux/cPanel servers. This exploit allows a third party to steal information that would otherwise be secured and encrypted with the SSL/TLS protocol, and to steal the private keys from the certificate pair itself.

OpenSSL is a cryptographic library that helps secure sensitive information all over the internet.

Although recently discovered, Heartbleed vulnerability is actually a coding bug in the OpenSSL library (from version 1.0.1 to 1.0.1f) that can leak sensitive information to unauthorized users. This information includes almost everything communicated over SSL connections such as login credentials, banking transactions, credit/debit card information, instant messaging, VPNs, emails etc.

If exploited, the attacker can trick the server into exposing its private encryption key. This private key can further be used to impersonate services and allow the attacker to gain access to further sensitive data since the user would be assuming it’s connected to the right server via SSL.

Our NOC team learnt about the security vulnerability as soon as it was announced. We immediately patched all servers of all our clients. We also intimated everyone across our resources and client base to take the proper steps to contain the situation.

Clean 1corrupt 1

ABOUT THE AUTHOR

Muhammad Asim

Regulations can present a big challenge for fintech product managers. Build compliance into your development process from the start, with these tips from a leading financial product manager. Regulations can present a big challenge for fintech product managers.

0 Comments

Leave a Reply

More Related Article
We provide tips and advice on delivering excellent customer service, engaging your customers, and building a customer-centric business.