Heartbleed or CVE-2014-0160

Heartbleed or CVE-2014-0160

Heartbleed or CVE-2014-0160

By , 0 Comments

A security flaw that has been discovered the past couple of days has been keeping us busy and apparently not only GoZEN Host administrators but administrators all over the world suffer from this because of the Heartbleed or CVE-2013-0160 bug.

So let’s see what’s the status of this situation.

What’s Heartbleed?

It’s a vulnerability in the way your browser talks to a website over an encrypted channel. An attacker could theoretically take advantage of the bug to unravel the secure channels used by banks, e-commerce sites and other sensitive locations to steal passwords and other sensitive information.

In other words Heartbleed is a flaw in the OpenSSL implementation of the basic cryptographic protocol that secures Web communications, known as SSL.

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names, and passwords of the users and the actual content. This allows attackers to steal data directly from the services and users and to impersonate services and users.

What also makes this problem even scarier is the fact that this Vulnerability is there (not known but it was there) since 2012, yes you heard me it was there since 2012 and only got known to everyone (not sure about the hackers) since Monday.

Here at GoZEN Host we started patching our servers and reissuing SSL certificates as soon as all that came out and we feel that no sensitive data has been stolen, but we urge our customers to change all their passwords just in case.

At this point i would like to repeat myself once more about the importance of a good secure password that you keep changing periodically, there’s nothing more secure than a password that you change quite often and you make sure it’s difficult enough for anyone to guess.

Share this post

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Posts

Your website marked as harmful by Google

Your website has been marked as harmful

What to do if your website has been marked by Google as harmful If you see the following warning when [...]

Read More
bash_keyboard

CVE-2014-6271: Bash lets you do bad things

I am sure you’ve heard but about a critical vulnerability in BASH (Bourne Again Shell) which is the default [...]

Read More

Creating a Welcome message for SSH logins

Having a personalized greeting message when you log on to your Dedicated or VPS server, is something that many [...]

Read More
cpanel_whm

How To Install cPanel on a Server Running CentOS

cPanel the leading control panel software on the market that allows users to administer servers through a GUI interface [...]

Read More
cpanel whm

cPanel/WHM Price increase!

With hardware updates and increase of performance cPanel Ιnc, most probably want’s to drive the way each business runs [...]

Read More
How is GOZEN Host LLC complying with GDPR?

How is GOZEN Host LLC complying with GDPR?

We are getting ready to be GDPR-compliant. With this blog post, we would like to explain what we have [...]

Read More
google-pagerank

SSL becomes SEO Factor by the new Google Algorithm

Over the past few months, Google has been running tests to develop an algorithm that accounts for site encryption [...]

Read More
Spectre and Meltdown

Spectre and Meltdown vulnerabilities

What are Meltdown and Spectre? In brief, “Meltdown” affects the most fundamental isolation of user applications from the operating system, [...]

Read More
cpanel-whm-backup

How to run cPanel backup via SSH

cPanel, one of the best Control Panels for hosting offers you tons of tools to run a web server, [...]

Read More
how to fly a plane

How to get a Featured Snippet

Google constantly rolls out updates for their search engine, in fact it’s estimated that there are around 500-600 changes [...]

Read More
%d bloggers like this: