Embed Size (px)
DESCRIPTION
A security breach named "Heartbleed" has put passwords, credit cards and other sensitive data at risk. It affects OpenSSL versions 1.0.1 through 1.0.1f which concern 2/3 of the Web. Put in simple words, any encrypted traffic going over HTTPS is now totally unsecured.
Citation preview
Heartbleed Is your website vulnerable?
By https://twitter.com/SylvainKalache
On April 7th, 2014 a vulnerability was discovered in TLS implementations of OpenSSL 1.0.1
impacting 2/3 of the web.
If you do not patch your web servers anyone can access encrypted traffic that could contain passwords & credit card numbers
Fixing the issue happens in 2 steps: 1. Patching OpenSSL
2. Changing your certificate
To check if you are vulnerable
go to http://filippo.io/Heartbleed/
For more information about heart bleed: Technical explanation : https://www.schneier.com/blog/
archives/2014/04/heartbleed.html Is your favorite website safe: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-Tw-
main-link
![[QA Night Recife] Heartbleed SecInf](https://img.pdfslide.us/doc/110x75/55cf7ae2bb61eb92768b4643/qa-night-recife-heartbleed-secinf.jpg)
