It is just two months back that security researchers found out about vulnerability in OpenSSL software. Many articles were written on the same to explain that if this vulnerability is exploited it would no longer be necessary for cyber-criminals to hack into the server to steal the credentials or private keys. An easy execution of a small code will provide them with wealth of information. It could allow anyone to easily access data servers that may contain username, password and other sensitive information.
When the Heartbleed vulnerability was announced, nearly two-thirds of websites were found vulnerable. Half of them got patched soon after that and others were patched later. But now, over two months after Heartbleed vulnerability, Security researcher, Robert Graham from Errata Security, found out that a massive 3,00,000 systems are still vulnerable.
He says, that people have stopped even trying to patch. It is a serious issue and people should not take it so lightly.
Moreover, every website / server / service admin, who use OpenSSL should be concerned about this vulnerability as it breaks everything for which SSL encryption was deployed in the first place.
If you have still not patched your systems, it is time to do it now!
For more details and security tips visit: https://blog.escanav.com/2014/04/14/heartbleed-bug-dangerous-security-threat-ever-seen/
