You’ve probably heard about the Heartbleed bug by now, and may have even changed some of your passwords as a result of this vulnerability. The Heartbleed bug is a serious vulnerability in OpenSSL cryptographic software library. This weakness allows stealing information that, under normal conditions, is protected by SSL/TLS encryption that is used to secure the internet. SSL/TLS protects applications such as web, email, instant messaging, and some virtual private networks.
According to the Heartbleed official website, “The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify service providers and to encrypt the traffic, names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.”
Impulse has conducted an audit of all web servers running that were affected by Heartbleed. Our support team performed a scan and fixed our own servers and notified all our customers who were affected to let them know. Impulse email service never ran the vulnerable version of OpenSSL.
If you haven’t updated your passwords, or are unsure of which sites were affected, refer to this comprehensive list by Mashable for more information.