Heartbleed Bug: Homeland Security advises public to change passwords for sites affected by flaw

The US Department of Homeland Security has warned that it believes hackers are trying to make use of the Heartbleed bug.

It advised the public to change passwords for sites affected by the flaw once they had confirmed they were secure.

However, an official added that there had not been any reported attacks or malicious incidents.

The alert comes as several makers of net hardware and software revealed some of their products had been compromised.

Affected equipment includes network routers and switches, video conferencing kit, phone call software, firewalls and apps that let workers remotely access company data.

The encryption flaw can potentially be exploited to steal passwords and secret keys used to protect computer users.

Experts say home kit is less at risk.

The Department of Homeland Security advised the public to change passwords for sites affected by the flaw once they had confirmed they were secure

There had been reports that domestic home networking equipment – such as Wi-Fi routers – might also make use of unpatched versions of the OpenSSL cryptographic library used to digitally scramble sensitive data.

However, a security researcher at the University of Cambridge’s Computer Laboratory said he thought this would be a relatively rare occurrence.

News of the Heartbleed bug emerged on Monday when Google Security and Codenomicon – a Finnish security company – revealed that a flaw had existed in OpenSSL for more than two years.

This had made it possible to impersonate services and users, and potentially eavesdrop on data communications.

The flaw only exposed 64K of data at a time, but a malicious party could theoretically make repeated grabs until they had the information they wanted.

The website set up to publicize the danger noted that it was possible to carry out such an attack “without leaving a trace”, making it impossible to know for sure if criminals or cyberspies had taken advantage of it.

Media reports initially focused on the risk of logging into compromised online services such as webmail, cloud storage and banking, with some – but not all – companies suggesting users should reset their passwords.

Warnings from companies including Cisco, Juniper, Fortinet, Red Hat and Watchguard Technologies that some of their internet products are compromised may now place the spotlight on the corporate sector.

The US government has said that it was working with third-party organizations “to determine the potential vulnerabilities to computer systems that control essential systems – like critical infrastructure, user-facing and financial systems”.

Meanwhile, officials suggested members of the public should “closely monitor your email accounts, bank accounts, social media accounts and other online assets for irregular or suspicious activity, such as abnormal purchases or messages”.

Nancy Clayson

Nancy is a young, full of life lady who joined the team shortly after the BelleNews site started to run. She is focused on bringing up to light all the latest news from the technology industry. In her opinion the hi-tech expresses the humanity intellectual level. Nancy is an active person; she enjoys sports and delights herself in doing gardening in her spare time, as well as reading, always searching for new topics for her articles.

Recent Posts

Donald Trump and Elon Musk Celebrate Election Victory at UFC 309

Image source: Wikimedia Commons President-elect Donald Trump celebrated his election victory at the Ultimate Fighting…

5 days ago

White House 2024: Donald Trump Wins, Kamala Harris Calls Him to Concede Election

Millions of voters across the US chose to return Donald Trump to the White House…

2 weeks ago

Who Won? Donald Trump Declares Victory as He Addresses Jubilant Supporters in Florida

Donald Trump declares victory in the US election as he addresses jubilant supporters in Florida.…

2 weeks ago

Stocks Soaring as Donald Trump Closes in on US Victory

Stocks around the world are rising as Donald Trump appears to be on the cusp…

2 weeks ago

Who Won? Kamala Harris Cancels Election Night Party as Path to Victory Narrows

Donald Trump has won Pennsylvania, North Carolina and Georgia and taken a lead over Kamala…

2 weeks ago

Quincy Jones Dead at 91

Quincy Jones, the celebrated musician and producer who worked with Michael Jackson, Frank Sinatra, Ray…

2 weeks ago