Heartbleed bug puts secure websites at risk
Wipfli LLP, a CPA and consulting firm, recently alerted businesses that on Monday, April 7, security researchers identified a flaw in a popular software library that puts nearly two-thirds of all secured websites at risk.
The weakness allows attackers to steal encrypted information such as bank transactions, usernames, passwords and secure communications. The flaw is known as the “Heartbleed bug.”
The Heartbleed bug is a vulnerability in the OpenSSL cryptographic software library, utilized on an estimated two-thirds of the Internet.
This bug allows attackers to steal information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. This encryption provides security and privacy over the Internet for applications such as websites including banking sites, e-mail, instant messaging and some virtual private networks (VPNs).
For more information about the Heartbleed bug and what businesses can do to assess whether their systems are affected, visit www.wipfli.com/PressRoom_RAFS_AU_Heartbleed.aspx.