People should ‘Stop all transactions for a few days,’ due to Heartbleed, security exec says

netcraft heartbleed browser extension google chrome opera firefox 34

We’ve seen some pretty scary quotes from Web security and cloud services experts regarding the Heartbleed flaw in OpenSSL. Heartbleed allows hackers to steal a potential treasure trove of data, including user names, passwords, emails, credit card numbers and more, without being detected by exploiting a flaw in the OpenSSL data encryption service used by many websites around the world. However, to this point, the quote offered by Mike Lloyd, who is the CTO of RedSeal, a network security firm, might be the most frightening of them all.

“Stop all transactions for a few days,” Lloyd said of the Heartbleed bug, which was recently uncovered by a team of researchers, despite the fact that it has existed for roughly two years.

Lloyd also states that “automation” is the key to combating threats like Heartbleed, as he wrote in an official RedSeal blog post.

“What you need is automation – not just vulnerability scanning (which can find those unpatched machines), but also a pre-built map, and a way to automate and speed up the query for “where are these machines suffering from Heartbleed, and what are they exposed to?”. Wise organizations plan for this – we know it’s going to happen again.”

MORE: How to check if your favorite websites are vulnerable to the Heartbleed bug

That’s what makes dealing with the realities of Heartbleed so frustrating. Aside from changing passwords and avoiding websites that are allegedly affected by Heartbleed, the average person is largely powerless when it comes to dealing with the threat. This isn’t a fire that can be snuffed out by employing the latest and greatest malware and anti-virus scanners, considering that this isn’t malware, but a gaping hole in the encryption service used by many of the world’s websites. It’s on individual companies, organizations, and governments to switch to a version of OpenSSL that doesn’t contain the Heartbleed flaw.

MORE: Here’s a list of websites allegedly affected by the Heartbleed bug (Updated)

Fortunately, to this point, more than a few household name websites that were once vulnerable or suspected of being susceptible to Heartbleed, have since reportedly been patched. These include Yahoo, Google, Dropbox and others.

However, Lloyd’s warning shouldn’t go unheeded. After all, Canada has put a stop to online tax payments for the time being in light of the Heartbleed revelation, and we can’t help but wonder if other governments, companies and organizations will follow suit soon.

What do you think? Sound off in the comments below.

Image credit:


Think iPhones can’t get viruses? Our expert explains why it could happen

If your iPhone has been acting strangely, then you may be concerned about the possibility it is infected with a virus or some malware. We take a look at just how likely that is and explain why iOS is considered relatively safe.

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.
Product Review

The Division 2 brings the most fun we've ever had to Washington, D.C.

After 55 hours with The Division 2, it’s clear that Ubisoft has improved on the original in almost every way. The world is richly detailed, the story missions are wonderful, gunplay and enemy design are great, and the endgame content is…

Have an issue with your 3DS? We can help you fix it with these common solutions

The Nintendo 3DS has seen its fair share of issues since it launched in 2011, including poor battery life and fragile Circle Pads. Here are some of the most common, as well as the steps you can take to solve them.

If you have $5,200, Apple has 256GB of RAM for your iMac Pro

Professionals looking to run intensive applications will be able to push their work a bit further with Apple's latest iMac Pro, which holds 256GB of DD4 ECC RAM for $5,200. Here's why it costs so much to upgrade your iMac Pro to the top.

Don’t be fooled! Study exposes most popular phishing email subject lines

Phishing emails are on the rise and a new study out by the cybersecurity company Barracuda has exposed some of the most common phishing email subject lines used to exploit businesses. 
Product Review

The Lenovo Legion Y740 brings RTX 2080 graphics power for under $2,500

Coming with the Intel Core i7-8750H processor, Nvidia GeForce RTX 2080 Max-Q graphics, 16GB of RAM, and a 256GB PCIe NVMe SSD, the Legion Y740 one big beast. But priced at under $2,500 how does Lenovo’s Legion stand up against the crowd?

From Air to Pro, here are the best MacBook deals for March 2019

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.

Oculus shows off the Rift S, plans to phase out its original VR headset

Oculus plans to phase out its flagship Rift VR headset for its newly created Rift S. The Rift S made its debut this week at the 2019 Game Developers Conference and is expected to be released in spring 2019.

Get the best of both worlds by sharing your data on MacOS and Windows

Compatibility issues between Microsoft Windows and Apple MacOS may have diminished sharply over the years, but that doesn't mean they've completely disappeared. Here's how to make an external drive work between both operating systems.

Give your MacBook Air some added style with one of these great cases or sleeves

Whether you’re looking for added protection or a stylish flourish, you’re in the right place for the best MacBook Air cases. We have form-hugging cases, luxurious covers, and padded sleeves priced from $10 to $130. Happy shopping!

Intel teases 9th-generation Core i9 mobile processors at GDC 2019

Intel teased its new 9th-generation Intel Core i9 processors at GDC 2019. The company offered few specifics about the hardware, but a leak from late February provides insight into what the new processors might offer.

Intel Command Center lays foundation for next year’s ‘Arctic Sound’ GPU

Intel revealed its new Command Center driver software at GDC 2019. The updated interface will control current Intel integrated graphics and also lays the groundwork for next year's Intel video card.

How much!? British Airways glitch results in $4.2M quote for family vacation

Website errors sometimes cause flight prices to display at way below the correct price. But British Airways recently experienced the opposite issue when it tried to charge a family more than $4 million for a vacation in Mexico.