{"id":24502,"date":"2014-04-15T09:05:06","date_gmt":"2014-04-15T16:05:06","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=24502"},"modified":"2014-04-16T10:07:18","modified_gmt":"2014-04-16T17:07:18","slug":"heartbleed-threat-alert-update","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/heartbleed-threat-alert-update\/","title":{"rendered":"Heartbleed Threat Alert Update"},"content":{"rendered":"

\"heartbleed-update\"<\/a><\/p>\n

Recently, the OpenSSL project issued an emergency security advisory about an open bug called “Heartbleed,” which has since made headlines<\/a> around the world.\u00a0Heartbleed is serious vulnerability in OpenSSL<\/a>, which is the system used to ensure the security of about half the websites on the Internet, and it could lead to malicious hackers spying on what were thought to be secure Internet communications.<\/p>\n

Here at Intego, we take our responsibility to protect you very seriously, and we want to provide some resources to keep you well informed.\u00a0We invite all Mac and iOS users to check out the top\u00a0FAQ’s on Heartbleed\u00a0<\/a>to learn how this bug may affect you.\u00a0<\/span><\/p>\n

Are Mac Users “Immune” to Heartbleed?<\/strong><\/p>\n

Reports surfaced last week stating that\u00a0OS X and OS X Server are “immune” from Heartbleed. Unfortunately, as Graham Cluley mentioned in our FAQ on Heartbleed<\/a> for Mac and iOS users, using a Mac does not make you safe from Heartbleed<\/a>.\u00a0We cannot stress this enough: while Apple products may be \u201csafe,\u201d encrypted data is not.<\/p>\n

The Heartbleed bug enables the theft of information otherwise protected by SSL\/TLS encryption, and it affects many of the websites and other Internet services you use. If the services use OpenSSL to help manage the flow of encrypted data, it doesn\u2019t matter if you\u2019re on a Mac or a Windows computer, your data may be at risk.<\/p>\n

What You Need To Do\u00a0<\/strong><\/p>\n

If you use a site that is affected, the security bug possibly compromised your password, and you’ll have to change it\u00a0once the bug is fixed. Before you change a password on a website, first check to see if the site is vulnerable to Heartbleed. Don\u2019t change your password until you know the affected business has fixed its servers to remove the Heartbleed vulnerability.<\/i><\/span><\/p>\n

When you’re ready to change your password, if you’re having trouble keeping track of them all, we put together a list of\u00a0password managers for Mac and iOS<\/a> that you can try.<\/p>\n

Check Vulnerable Websites<\/strong><\/p>\n

You can check if a site is vulnerable by using a special search tool, here: http:\/\/filippo.io\/Heartbleed<\/a><\/p>\n

Where to Get More Information<\/strong><\/p>\n

A great overview about Heartbleed is covered at<\/span>\u00a0<\/span>The Wire<\/a>, which points out that fixes for the flaw will take some time, because individual servers have to be fixed manually, and some people might not get around to repairing the bug for quite awhile. In other words, you should take heed from Heartbleed on a site-by-site basis. Until affected sites are fixed, we strongly encourage you to stay away from those sites.<\/span><\/p>\n

You can check to see if a site is affected by using the search tool mentioned above, or you can take a look at the\u00a0list of well-known affected brands provided by Mashable<\/a>.<\/p>\n

How Else Can You Protect Your Data?\u00a0<\/strong><\/p>\n

Although anti-virus software cannot protect your data after it has been entered into vulnerable websites, Intego encourages all Mac users to implement a layered approach<\/a> to Internet security<\/a>, which can help keep your Mac and your data safe from known malware and malicious applications.<\/p>\n","protected":false},"excerpt":{"rendered":"

Recently, the OpenSSL project issued an emergency security advisory about an open bug called “Heartbleed,” which has since made headlines around the world.\u00a0Heartbleed is serious vulnerability in OpenSSL, which is the system used to ensure the security of about half the websites on the Internet, and it could lead to malicious hackers spying on what […]<\/p>\n","protected":false},"author":4,"featured_media":24589,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[943,946],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n