Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 15 April 2014 / Published in Woo on Tech

Heartbleed security hemorrhaging continues

Heartbleed Bug

Heartbleed continues its rampage across the internet. There are too many stories to tell and too little time. Read on only if you have the stomach for it.

  • Networking companies Cisco and Juniper have revealed that several dozen models of their hardware devices are affected by the OpenSSL security flaw known as Heartbleed. To see if any of your networking products made this list, Cisco’s advisory can be found here, and Juniper’s here.
  • Two sources close to the NSA allege that the spy agency has exploited Heartbleed since it first appeared over 2 years ago.
  • Android smartphones and tablets running version 4.1.1 of the Google operating system are vulnerable to the bug. According to Google, this may affect less than 10% of all Android devices, but given that there are nearly 900 million Android OS devices, that still means millions.
  • The vulnerability was used to steal 900 taxpayer ID’s from Canada’s Revenue Agency.

What this means for you:

The security implications of the Heartbleed vulnerability are staggering and very difficult to encompass. Now, more than ever, you must keep a close eye on your digital assets and accounts. Confirm with your financial institutions whether or not they were impacted by the bug (most major, commercial banking institutions did NOT use OpenSSL), and if they were, wait until they confirm that they have fixed it before changing your password. Do NOT use any software or websites confirmed to be affected by Heartbleed until they patch the bug, even to change your password. If you do this while the vulnerability still exists, there is a good possibility that hackers can actually see you changing your password and record the new one. Right now, because of the spotlight on this hole, hackers are racing to exploit the panic and confusion, and you are more likely than ever to be hacked. Wait until your websites confirm they have patched the security hole before using them to change your password.

Keep in mind that many, many organizations are still working through the impact this bug has on their technology, and many are just as confused as you might be. There will continue to be a lot of uncertainty and possible panicky responses from company representatives who are ill-informed on their company’s official stance on Heartbleed. The vulnerability affects a technology that is sophisticated and not easily explained, and not even the most eloquent among technology professionals can convey the problem and solutions in easy-to-understand terms. During these uncertain times, constant vigilance is the only weapon many of us have at the moment, so keep your eyes open and your IT consultant on speed-dial!

 

 

 

  • Tweet
Tagged under: Android, breach, cisco, Google, heartbleed, juniper, nsa, security, vulnerability

What you can read next

Multi-Factor Authentication: The Security Measure Your Team Will Hate (But Needs)
Phishing email or legit?
Gmail’s Spam Filter Isn’t Foolproof
ID-10067190.jpg
Maybe they shouldn’t have called it “Echo”

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP