New Vulnerability “Heartbleed” Steals Passwords and Data

by EMT
April 15, 2014

WARNING: New vulnerability “HEARTBLEED” steals passwords and data.

The Heartbleeed bug is the latest security flaw affecting millions on the internet. At its most basic, Heartbleed allows attackers to monitor all information passed between a user and a web service.

Information used for applications such as web, email, instant messaging and some virtual private networks (VPNs) is typically protected by SSL/TLS encryption. Heartbleed compromises the Open SSL software and essentially gives the aggressor the ability to eavesdrop on communications, thus stealing data and even impersonate the services as well as the users.

Information that may be compromised can be anything from passwords and credit card numbers to the content of your actual correspondence, documents and data.

As long as the vulnerable version of OpenSSL is in use it can be abused.

For our eCare Network Management customers plans and processes were quickly implemented to rectify this vulnerability as it began to hit the message boards. A “Fixed OpenSSL” software update has been released and deployed throughout our customer environments. Additionally, our partners at LogMeIn and WatchGuard have stepped up efforts to address specific concerns. For example, LogMeIn has released a new version of its software, and WatchGuard has informed us that, although they are unaware of ANY breaches related to Heartbleed, they have released an update with critical patches on their firewalls to continue to prevent any future potential exposure. Both of these upgrades have been rolled out on appliances free of charge to our eCare customer base.

eMazzanti Technologies is aware of these problems and we continue to dedicate ourselves, not only to protecting our clients, but informing them of any and all issues that may affect their livelihood.

As always, we look to ensure that “our experience, improves your experience” and allow you to focus on what is most important to you, your business.

If you have any questions or concerns about Heartbleed or any other of your IT and networking needs, please reach out to us at:

866-EMAZZANTI

[email protected]

Sincerely,

Your eMazzanti Team

To learn more, contact us today.

UPCOMING VIRTUAL EVENTS

Demystifying Cyber Security for SMBs

The continually changing threat landscape requires us to update best practices and add new concepts to keep your organization safe.

SESSION 4: Cyber Security Strategy
Watch On-Demand

SESSION 5: Cyber Insurance & MFA
Watch On-Demand

SESSION 6: Threat Detection | JAN. 15

Microsoft Copilot
Master Class Workshop

eMazzanti will host 60-minute Master Classes, that speak to how AI can help your business streamline and grow.

In each session, you will have Artificial Intelligence and Automation explained, view a live demo of Copilot, and see it live in action in a dynamic format.

RESOURCES

Cyber Security Awareness Hub

Cyber Security Awareness Kit, designed to be delivered to your team in bitesize chunks.

We are sharing the resources and highlighting services your organization needs, covering everything from multifactor authentication to software updates, showing your users just how easy it is to improve their security posture.