{"id":5710,"date":"2014-05-09T09:23:32","date_gmt":"2014-05-09T07:23:32","guid":{"rendered":"http:\/\/blogs.sun.ac.za\/it\/?p=5710"},"modified":"2016-01-18T14:59:05","modified_gmt":"2016-01-18T12:59:05","slug":"heartbleed-wreaks-havoc","status":"publish","type":"post","link":"https:\/\/blogs.sun.ac.za\/it\/2014\/05\/heartbleed-wreaks-havoc\/","title":{"rendered":"Heartbleed wreaks havocHeartbleed saai verwoesting"},"content":{"rendered":"

<\/p>\n

If you read about a computer bug in the\u00a0YOU<\/em>, it has to be serious. This is exactly what happened with\u00a0Heartbleed<\/em>\u00a0last week.<\/p>\n

\"\"The now already infamous bug surfaced last month and wreaked havoc and many popular websites. You also might have received an e-mail by now requesting you to change your password for certain websites.<\/p>\n

Heartbleed<\/em>\u00a0indicates a vulnerability in security in OpenSSL software commonly for web encryption. The vulnerability allows a hacker access to the memory of data servers. According to\u00a0Netcraft, a company specialising in interne research, 5000 websites might have been infected by it.<\/p>\n

Unlike some viruses infiltrating your computer via e-mail,\u00a0Heartbleed<\/em>\u00a0<\/i>targets a weakness on\u00a0web servers. This implies that someone using a compromised website, runs the risk of having his username, password or credit card details intercepted. Without too much effort your data can be obtained and also access to your account.<\/p>\n

With\u00a0Heartbleed\u00a0<\/em>hackers can also gain access to the digital keys responsible for encryption on servers and thereby access a company’s confidential, internal documents.<\/p>\n

According to\u00a0Vocativ<\/a>, the term\u00a0Heartbleed<\/em>\u00a0<\/i>was chosen by\u00a0Ossi Herrala, a systems administrator at\u00a0Codenomicon. The technical name is\u00a0CVE-2014-0160 and refers to the line of code where the bug is located.\u00a0Heartbleed<\/em>\u00a0refers to an extension in\u00a0OpenSSL called\u00a0heartbeat.<\/em>\u00a0<\/i>The protocol is used to keep connections open, even if data is not transmitted between connections.<\/p>\n

If you haven’t changed your password for the affected sites, rather play it safe and change it anyway. It still remains good practice to change your passwords on a regular basis. If you want to know which sites have been targeted or what their current status is, you can do so\u00a0here<\/a>.<\/p>\n

More detailed information on\u00a0Heartbleed<\/em>\u00a0is available at:<\/p>\n

http:\/\/www.cnet.com\/news\/how-to-protect-yourself-from-the-heartbleed-bug\/<\/a>
http:\/\/www.cnet.com\/news\/heartbleed-bug-what-you-need-to-know-faq\/<\/a>
http:\/\/mashable.com\/2014\/04\/09\/heartbleed-bug-websites-affected\/
<\/a>http:\/\/www.vocativ.com\/tech\/hacking\/behind-scenes-crazy-72-hours-leading-heartbleed-discovery\/<\/p>\n

BRON: www.cnet.com<\/p>\n

 <\/p>\n

 <\/p>\n

<\/p>\n

Jy moet weet `n rekenaarswakplek is ernstig as dit al in die Huisgenoot<\/em> gedraai het en dis presies wat laasweek met die Heartbleed<\/em>\u00a0gebeur het.<\/p>\n

\"\"Die berugte swakplek het verlede maand sy opwagting gemaak en verwoesting gesaai op verskeie popul\u00eare webwerwe. Jy het waarskynlik teen die tyd \u00a0ook `n e-pos ontvang wat jou vriendelik versoek het om jou wagwoord te gaan verander op sommige webwerwe.<\/p>\n

Heartbleed<\/em> dui op `n swakplek in sekuriteit in OpenSSL sagteware wat `n kuberkraker toegang gee tot databedieners se geheue. Volgens\u00a0Netcraft, `n maatskappy wat spesialiseer in internetnavorsing, is 5000 webwerwe moontlik besmet daardeur.\u00a0<\/p>\n

Anders as virusse wat deur middel van e-pos op jou rekenaar beland, het Heartbleed<\/em> swakplekke in kode op webbedieners aangeval. Dit beteken dat `n gebruiker van die webwerf wat aangeval is, se data – gebruikersnaam, wagwoorde en kredietkaartdetails, die risiko loop om onderskep te word. Jou inligting kan dus sonder moeite bekom word en\u00a0kuberkrakers kan toegang kry tot jou rekening.<\/p>\n

Dit beteken ook dat kuberkrakers toegang kan kry tot die bedieners se digitale sleutels, wat verantwoordelik is vir enkripsie en tot `n maatskappy se vertroulike, interne dokumente.<\/p>\n

Volgens\u00a0Vocativ<\/a>, is die naam Heartbleed<\/em> gekies deur Ossi Herrala,`n stelseladministreerder by Codenomicon. Die tegniese naam is CVE-2014-0160 en verwys na die lyn kode waarin die swakplek vervat is. Heartbleed<\/em> verwys na `n verlenging in OpenSSL \u00a0genaamd heartbeat<\/em>. Die protokol \u00a0word gebruik om verbindings oop te hou, selfs as data nie gestuur word tussen verbindings nie.\u00a0<\/p>\n

Indien jy nog nie jou wagwoord verander het nie, speel liefs veilig en verander dit in elk geval. Dit bly steeds goeie praktyk om jou wagwoord gereeld te verander vir veiligheid. As jy wil weet watter webwerwe geteiken is deur Heartbleed, kan jy hier<\/a> gaan kyk.<\/p>\n

Meer gedetaileerde inligting oor Heartbleed<\/em> is ook beskikbaar by:<\/p>\n

http:\/\/www.cnet.com\/news\/how-to-protect-yourself-from-the-heartbleed-bug\/<\/a>
http:\/\/www.cnet.com\/news\/heartbleed-bug-what-you-need-to-know-faq\/<\/a>
http:\/\/mashable.com\/2014\/04\/09\/heartbleed-bug-websites-affected\/
<\/a>http:\/\/www.vocativ.com\/tech\/hacking\/behind-scenes-crazy-72-hours-leading-heartbleed-discovery\/<\/p>\n

BRON: www.cnet.com<\/p>\n

 <\/p>\n<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

If you read about a computer bug in the\u00a0YOU, it has to be serious. This is exactly what happened with\u00a0Heartbleed\u00a0last week. The now already infamous bug surfaced last month and wreaked havoc and many popular websites. You also might have received an e-mail by now requesting you to change your password for certain websites. Heartbleed\u00a0indicates […]<\/p>\n","protected":false},"author":259,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2679,29187],"tags":[],"class_list":["post-5710","post","type-post","status-publish","format-standard","hentry","category-internet","category-security-2"],"publishpress_future_action":{"enabled":false,"date":"2026-05-22 04:59:20","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/5710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/users\/259"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/comments?post=5710"}],"version-history":[{"count":17,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/5710\/revisions"}],"predecessor-version":[{"id":9251,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/5710\/revisions\/9251"}],"wp:attachment":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/media?parent=5710"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/categories?post=5710"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/tags?post=5710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}