Heartbleed. This is real. And it’s happening now.

Heartbleed. This is real. And it’s happening now.

The “heartbleed” bug recently discovered is the type of bug that security experts often discuss within the context of doomsday scenarios but truly never want to experience. The bug isn’t platformed specific; e.g. Patch Tuesday – Windows “fixes”; this bug targets the very fabric of secure communications across the Internet and all of those “things” that communicate across it.

The flaw at its very fundamental level steals information from SSL/TLS encrypted communications which is a core security requirement that all business and security executives agree upon without lengthy discussion – think of it as us breathing – essentially an action that is critical to our nature but we don’t consciously think about.

Download the StealthAUDIT for Systems Governance OpenSSL Discovery Scan.

So, how does this new Internet bug impact businesses, consumers, and the average Internet user? Well in the simplest of terms; passwords, credit card information, private communications, intellectual property discussions, and personally identifiable information to name a few could be available for nefarious actors due to this most recent exploit discovery.

This bug is massive in scope and is no longer a fictional doomsday scenario contained within the boundaries of security pontificators. This is real, this is happening now – and as I write this I am overwhelmed by how many family members I will need to help convince to change their password for on-line mail, preferred shopping sites, etc. I can only imagine how CISO’s are feeling this morning around their Internet-connected ecosystem they thought was secure just a few days ago – may very well be exposed from an attack vector they thought was a foundational security protection layer.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.