http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/
By Richard Nieva
CNET News
Security
April 8, 2014
A major new security vulnerability dubbed Heartbleed was disclosed Monday
night with severe implications for the entire Web. The bug can scrape a
server's memory, where sensitive user data is stored, including private
data such as usernames, passwords, and credit card numbers.
It's an extremely serious issue, affecting some 500,000 servers, according
to Netcraft, an Internet research firm. Here's what you can do to make
sure your information is protected, according to security experts
contacted by CNET:
Do not log into accounts from afflicted sites until you're sure the
company has patched the problem. If the company hasn't been forthcoming --
confirming a fix or keeping you up to date with progress -- reach out to
its customer service teams for information, said John Miller, security
research manager for TrustWave, a security and compliance firm.
Some Web sites that appeared to have been affected included Yahoo and
OKCupid, though the companies have said their sites are all or partly
fixed (see below for details). You can check sites on an individual basis
here, though caution is still advised even if the site gives you an "all
clear" indication. If you're given a red flag, avoid the site for now.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
