On Monday, a serious security vulnerability in OpenSSL - software which two-thirds of the Internet uses to keep connections secure - was announced and nicknamed Heartbleed. This vulnerability allows an attacker to steal sensitive data (such as account information and passwords) from various web services and clients. We want all of our users to know that Lookouts website was not affected by the vulnerability, however, some of Lookouts other Internet-facing infrastructure was. We took care to protect our users as soon as possible, patching our systems and replacing all of our SSL certificates within hours of the bugs public release. However, because two-thirds of all active websites depend on OpenSSL to communicate securely, some of the other services you use may not be patched yet. How can you protect yourself? Look out for communications from the services you use. As companies patch this vulnerability and secure their own systems, some may send emails or other communications to let you know. Not all services will be communicating about this vulnerability, but you can always contact them to ask if their systems are secure. Get a new password ready. If you receive communications from any of your service providers telling you that their systems are secure, this is the best time to change your password. Changing your password before a system is secure could actually make your new password easier to intercept. To learn more about the Heartbleed vulnerability, you can read our blog post for more details: https://blog.lookout/blog/2014/04/09/heartbleed/
Posted on: Sat, 12 Apr 2014 00:06:18 +0000
Trending Topics
Recently Viewed Topics
© 2015