Heartbleed: OpenSSL Vulnerability that affects EVERYONE
Hey everyone, this is really important: Avoid the internet for a while and change all your passwords to everything. This is not a joke. They discovered a bug in OpenSSL, which powers like 2/3 of the internet. It's really, really really bad.
If you are using the same password for most sites you visit, it is urgent that you change at least your banking and email accounts and any other high risk/high security websites you may use.
They've already confirmed that Yahoo is/was vulnerable along with a huge chunk of websites on the internet. Most of the major websites have already updated their software, but if they were compromised prior to that your, data and passwords still need to be changed.
To see if your website or a website you use is vulnerable, run the url against this Heartbleed test: http://filippo.io/Heartbleed/
I'll keep you posted on the status of the Spokesman-Review's websites.
UPDATE:
I confirmed with our tech support team that none of the Spokesman-Review's websites (spokesman.com, nwprepsnow.com, etc) were vulnerable to this particular bug because we were using a different version of OpenSSL. If you have any questions regarding the security of any of our sites, please email webteam@spokeman.com and we'll be happy to chat.
For more information, check out some of the following links:
Technical details:
http://krebsonsecurity.com/2014/04/heartbleed-bug-exposes-passwords-web-site-encryption-keys/
News:
http://www.bbc.com/news/technology-26935905
http://www.cnet.com/news/heartbleed-bug-undoes-web-encryption-reveals-user-passwords/
Updates from popular sites:
https://blog.heroku.com/archives/2014/4/8/openssl_heartbleed_security_update
http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html
