Heartbleed Vulnerability: What you need to know

heartbleed

Yesterday, on April 7, 2014, researches uncovered a vulnerability in OpenSSL. It's called Heartbleed. And basically it's scary as hell. The gist of it boils down to this: If you log into a site that's been compromised, the hacker has a good chance of getting your password. And your email. And your name. And your... And there's an awful lot of websites that are vulnerable, or were as of yesterday evening when the vulnerability was announced (think many millions and you're on the right track). If you're running a website, you need to update your OpenSSL as soon as possible. To do that, run sudo apt-get update && sudo apt-get dist-upgrade Followed by either sudo … [Continue reading]