Those of you who follow tech news may have heard about the HeartBleed vulnerability.<\/p>\n
This is a rather large bug in SSL libraries in common use that allows an attacker to get unsolicited data from an affected server. Typically this data contains user \/ password details for user accounts, or secret keys used by servers to encrypt data over SSL.<\/p>\n
Once the exploit was released, we immediately tested our own servers to see if we were vulnerable. We use an older non-affected version of SSL, so none of our services are\/were affected. <\/p>\n
Unfortunately a lot of larger commercial services were affected. <\/p>\n
Yahoo in particular was slow to resolve the issue, and I would assume that any users passwords are compromised. <\/p>\n
We ourselves saw user\/passwords ourselves when we tested the vulnerability checker against Yahoo..<\/p>\n
We advise you to change your passwords, especially if the same password was used other sites, as you can safely assume that passwords on other services are compromised.<\/p>\n
I also strongly recommend this action for any users of online banking.<\/p>\n
There is a list of affected servers here –
\nhttps:\/\/github.com\/musalbas\/heartbleed-masstest\/blob\/master\/top1000.txt<\/a><\/p>\n