Top10WebHosting

Open NavigationOpen Search
Everything related to web hosting.
  • Learning center
    • Move host guide
    • Compare Shared Hosting & VPS
    • SEO related
  • Hosting by features
    • Top web hosting
    • cPanel web hosting
    • PayPal web hostings
    • PHP Web Hosting
    • VPS Web Hosting
  • Coupons
    • Bluehost coupon 2017
  • Hosts overview
    • GreenGeeks Review
    • JustHost Overview.
    • Bluehost Overview
    • IXWebhosting Overview
    • Hostmonster Overview
    • Hostgator Overview.
    • SiteGround Overview
  • About
    • Contact Us
    • Disclosure
You are here: Home / news / Heartbleed bug – an OpenSSL security flaw

Heartbleed bug – an OpenSSL security flaw

April 11, 2014 by Wyng

It seems like we have been living peacefully without majar online security flaw, however a bug called “HeartBleed” has been revealed earlier this week.

What is HeartBleed ?

heartbleed

This “HeartBleed” bug could  let attackers gain access to users’ passwords and fool people into using bogus versions of Web sites. Some already say they’ve found Yahoo passwords as a result.

The problem, originated from the famous open source, “OpenSSL” that’s widely used to encrypt Web communications. Heartbleed can reveal the contents of a server’s memory, where the most sensitive of data is stored. That includes private data such as usernames, passwords, and credit card numbers. It also means an attacker can get copies of a server’s digital keys then use that to impersonate servers or to decrypt communications from the past or potentially the future, too.

This isn’t simply a bug in some app that can quickly be updated – the vulnerability is in on the machines that power services that transmit secure information, like Facebook and Gmail.

“We were able to scrape a Yahoo username & password via the Heartbleed bug,”tweeted Ronald Prins of security firm Fox-IT, showing a censored example. Added developer Scott Galloway, “Ok, ran my heartbleed script for 5 minutes, now have a list of 200 usernames and passwords for yahoo mail…TRIVIAL!”

Here are a few things you can do now

Steps as a web hosting or server admin has to take –

  1. Update to patched OpenSSL packages
  2. Regenerate a new SSL certificate if you are using one.

Steps as a user has to take –

  1. Change your password (gmail, facebook, whatever online services)
  2. Tell your friends about it.

Filed Under: news, security

Back to top ▴

List of Most popular hosting plan


Our list of top web hosting plan with discounted entry price, good features with excellent support.

Hosts using the Most user friendly control panel


cPanel control panel has the most user friendly interface to control the Linux enviroment.

Hosts accepting PayPal


Stay safe, use Paypal to hide your credit cards from hosts.

Follow us on Social media

About Top10WebHosting.com

I manage & consult web developments for companies. And I have chance to use different web hosts by different client.

I am here to share some good & highlights of different hosts by features & rating.

Search this website

Copyright © Top10WebHosting.com 2002-2018. All Rights Reserved.

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok