Businesses warned about Heartbleed bug
Wipfli LLP, a leading CPA and consulting firm, recently alerted businesses that on April 7, security researchers identified a flaw in a popular software library that puts nearly two-thirds of all secured websites at risk. The weakness allows attackers to steal encrypted information such as bank transactions, usernames, passwords and secure communications. The flaw is known as the “Heartbleed bug.”
The Heartbleed bug is a serious vulnerability in the very popular OpenSSL cryptographic software library, utilized on an estimated two-thirds of the Internet. This bug allows attackers to steal information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. This encryption provides security and privacy over the Internet for applications such as websites including banking sites, e-mail, instant messaging, and some virtual private networks (VPNs).
Below is a link to the Wipfli Alert that provides more details on the Heartbleed bug and what businesses can do to assess whether their systems are affected.