Tech News

Heartbleed Bug Targets Vulnerable Servers

Heartbleed Bug Targets Vulnerable Servers
Bernadine Racoma

The news about Heartbleed, the new computer bug that targets vulnerable servers broke out three days ago. According to statistics gathered by Netcraft, a net monitoring company, there are about 500,000 servers that are vulnerable to this current bug. There were conflicting suggestions from developers and Internet security professionals to change passwords, as others were telling that it is best to wait. What’s clear is that many developers and security experts were kept very busy creating patches for known vulnerabilities.

Confusion

According to computer experts, it is not clear yet whether the scanning efforts done by Heartbleed were not malicious or these were actually working to steal data. While there were security people that were advising online users to change their passwords for email, social network and file sharing sites and such, Google had advised that the logins for users of its services do not have to reset their passwords, unless they also use the same passwords on non-Google services sites.

Tumblr, the blogging platform of Yahoo and the If This Then That app developers on the other hand advised their users to change their passwords. But then experts were saying that a password change will not work unless the site’s servers had been patched, which is not known to public users.

Pattern of attack

Web companies rushed to check if their servers were vulnerable when the news about Heartbleed broke out.

It showed up in software that was meant to keep the passing of date between users and sites safe and private. This meant that with this bug, the attackers could use cleverly designed queries that could steal data from vulnerable servers slowly.

Ars Technica, a website for tech news and information reported that before the news about Heartbleed was made public, there were already evidence that some sites were getting probes from a network of bots. Meanwhile, a gaming company that did an immediate scan reported that whoever sent them the Heartbleed bug was only trying to tell them that data leaks were present in their site.

Difficult period

Security analysts are saying that it is still difficult to detect an attack by the bug, unless companies are very active in scanning their sites. Many are now running intrusion detection systems and there are those that run honeypots to trick hackers.

So far, a number of large sites have patched their systems and many more are doing the same. But there is still a big number of sites that are still susceptible to an attack. With this latest development, there are now new websites that allow people to check if a site is not yet secure.

The best thing to do at this point is for users to check if the site is indeed vulnerable and if any action to fix it had already been done, according to the global head of research at Sophos, James Lyne. He said that changing a password will not prevent data theft unless the site is protected. In addition, he said that rushing to change passwords will only encourage people doing phishing scams to send out bogus messages that advise people to change or reset their passwords.

He also added that this is not the first vulnerability that had been detected and it will continue to happen but the occurrence of the Heartbleed bug is one of the more serious ones in recent years.

Photo credit: Taken by DARPA under Creative Commons Attribution-Share Alike 3.0 Unported License.

Comment Below
Tech News

More in Tech News

video-conference-interpreting

Virtual Interpreting Technology Is Blooming in the Age of Covid-19

Day NewsJuly 31, 2020
jbareham

Google’s Pixel Buds are Capable of Translating 40 Languages

Bernadine RacomaOctober 26, 2017
iphone x

Can Apple Ship the iPhone X in Time For the Holidays?

Camilo AtkinsonOctober 25, 2017
bitcoin

One Bitcoin is Now Worth Over $5,000

Brian OasterOctober 19, 2017
piccadilly

New Piccadilly Mono-Screen Can Target You With Custom Ads

Brian OasterOctober 17, 2017
facebook stories

Facebook Stories Expands Despite Unpopularity

Brian OasterOctober 12, 2017
facial recognition

China Expands Use of Facial Recognition Technology

Brian OasterOctober 5, 2017
Facebook Fake News

Trump Accuses Facebook CEO Mark Zuckerberg of Bias

Bernadine RacomaSeptember 29, 2017
Apple Park

Apple Park: One of Steve Jobs’ Major Dreams Unveiled

Bernadine RacomaSeptember 15, 2017

Day News Corporation

415 Madison Avenue, 15th Floor, New York City, NY 10017

(212) 537-6123

Latest Tweets

DayNewsCo @DayNewsCo

Could not authenticate you.