Security experts are urging consumers to change their Web passwords after the recent disclosure of a vulnerability touching wide swaths of the Internet, even as Google Inc., Facebook Inc. and large banks said they weren't affected.
The flaw to OpenSSL, an open-source software that runs on as many as two-thirds of all active websites, was reported on April 7, by researchers who pushed out a fix. Dubbed Heartbleed, the bug could have allowed hackers to access encrypted e-mail messages, banking information, user names and passwords.
"The one saving grace with this flaw is that it was relatively simple to spot and as a result very simple to fix," Zully Ramzan, chief technology officer of Elastica, a cyber-security firm, wrote in an e-mail yesterday. "That said, OpenSSL is incredibly widespread. It's literally the most popular implementation of SSL on the planet. So any compromise in its security has far reaching implications."
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices, case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
- Exclusive discounts on ALM and Treasury & Risk events.
- Access to other award-winning ALM websites including PropertyCasualty360.com and Law.com.
*May exclude premium content
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
