The Heartbleed Bug (CVE-2014-0160): How To Protect Servers From Vulnerability
Also known as CVE-2014-0160, Heartbleed is a serious security vulnerability in OpenSSL cryptography libraries that are widely used across the internet. This bug has been used to exploit a countless number of servers worldwide and ultimately leak valuable information such as usernames, passwords, X509 SSL certificates, instant messages, emails and other business critical documents.
Data security is essential for every business, and especially those with sensitive operations. Matt Haedo, Implementation Specialist at Miles Technologies, warns that businesses should take all necessary measures to protect against Heartbleed as soon as possible by installing patched software updates.
A popular misconception is that Heartbleed is a virus, and this is actually not the case. Rather, it is a programming error in the OpenSSL library. The bug exploits the 'heartbeat' feature in OpenSSL, returning a server message with compromised data attached.
Matt Haedo explains more about the exploit in this video, as well as how to check if your website is potentially vulnerable. By using a test server, penetration testing tool and vulnerable version of an Open VPN access server, he gives a visual demonstration of the bug in action and exposes how easy it is to access data.
Are you concerned about your businesses security? Has your business been compromised by Heartbleed? Contact Miles Technologies today and let our experts help make your servers safe.