SEARCH

  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

«
»

Heartbleed wreaks havocHeartbleed saai verwoesting

If you read about a computer bug in the YOU, it has to be serious. This is exactly what happened with Heartbleed last week.

The now already infamous bug surfaced last month and wreaked havoc and many popular websites. You also might have received an e-mail by now requesting you to change your password for certain websites.

Heartbleed indicates a vulnerability in security in OpenSSL software commonly for web encryption. The vulnerability allows a hacker access to the memory of data servers. According to Netcraft, a company specialising in interne research, 5000 websites might have been infected by it.

Unlike some viruses infiltrating your computer via e-mail, Heartbleed targets a weakness on web servers. This implies that someone using a compromised website, runs the risk of having his username, password or credit card details intercepted. Without too much effort your data can be obtained and also access to your account.

With Heartbleed hackers can also gain access to the digital keys responsible for encryption on servers and thereby access a company’s confidential, internal documents.

According to Vocativ, the term Heartbleed was chosen by Ossi Herrala, a systems administrator at Codenomicon. The technical name is CVE-2014-0160 and refers to the line of code where the bug is located. Heartbleed refers to an extension in OpenSSL called heartbeat. The protocol is used to keep connections open, even if data is not transmitted between connections.

If you haven’t changed your password for the affected sites, rather play it safe and change it anyway. It still remains good practice to change your passwords on a regular basis. If you want to know which sites have been targeted or what their current status is, you can do so here.

More detailed information on Heartbleed is available at:

http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/
http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
http://www.vocativ.com/tech/hacking/behind-scenes-crazy-72-hours-leading-heartbleed-discovery/

BRON: www.cnet.com

 

 

Jy moet weet `n rekenaarswakplek is ernstig as dit al in die Huisgenoot gedraai het en dis presies wat laasweek met die Heartbleed gebeur het.

Die berugte swakplek het verlede maand sy opwagting gemaak en verwoesting gesaai op verskeie populêre webwerwe. Jy het waarskynlik teen die tyd  ook `n e-pos ontvang wat jou vriendelik versoek het om jou wagwoord te gaan verander op sommige webwerwe.

Heartbleed dui op `n swakplek in sekuriteit in OpenSSL sagteware wat `n kuberkraker toegang gee tot databedieners se geheue. Volgens Netcraft, `n maatskappy wat spesialiseer in internetnavorsing, is 5000 webwerwe moontlik besmet daardeur. 

Anders as virusse wat deur middel van e-pos op jou rekenaar beland, het Heartbleed swakplekke in kode op webbedieners aangeval. Dit beteken dat `n gebruiker van die webwerf wat aangeval is, se data – gebruikersnaam, wagwoorde en kredietkaartdetails, die risiko loop om onderskep te word. Jou inligting kan dus sonder moeite bekom word en kuberkrakers kan toegang kry tot jou rekening.

Dit beteken ook dat kuberkrakers toegang kan kry tot die bedieners se digitale sleutels, wat verantwoordelik is vir enkripsie en tot `n maatskappy se vertroulike, interne dokumente.

Volgens Vocativ, is die naam Heartbleed gekies deur Ossi Herrala,`n stelseladministreerder by Codenomicon. Die tegniese naam is CVE-2014-0160 en verwys na die lyn kode waarin die swakplek vervat is. Heartbleed verwys na `n verlenging in OpenSSL  genaamd heartbeat. Die protokol  word gebruik om verbindings oop te hou, selfs as data nie gestuur word tussen verbindings nie. 

Indien jy nog nie jou wagwoord verander het nie, speel liefs veilig en verander dit in elk geval. Dit bly steeds goeie praktyk om jou wagwoord gereeld te verander vir veiligheid. As jy wil weet watter webwerwe geteiken is deur Heartbleed, kan jy hier gaan kyk.

Meer gedetaileerde inligting oor Heartbleed is ook beskikbaar by:

http://www.cnet.com/news/how-to-protect-yourself-from-the-heartbleed-bug/
http://www.cnet.com/news/heartbleed-bug-what-you-need-to-know-faq/
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/
http://www.vocativ.com/tech/hacking/behind-scenes-crazy-72-hours-leading-heartbleed-discovery/

BRON: www.cnet.com

 

Email

This entry was posted on Friday, May 9th, 2014 at 9:23 am and is filed under Internet, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

2 Responses to “Heartbleed wreaks havocHeartbleed saai verwoesting

  1. Sonja van der Westhuizen says:
    15/05/2014 at 9:14 am

    Jy’s heeltemal reg Theo.

  2. tpepler says:
    09/05/2014 at 5:34 pm

    Technically Heartbleed is a “bug”, not a “virus”.