Discussion Forum - Northstar Chevelle Club

Members Login
Username 
 
Password 
    Remember Me  
NCC Forum Home Page -> NCC - General Discussion -> **HEARTBLEED** Internet Hacking Virus/Attacker
Post Info TOPIC: **HEARTBLEED** Internet Hacking Virus/Attacker
Webmaster


Forum Administrator

Status: Offline
Posts: 111
Date:
**HEARTBLEED** Internet Hacking Virus/Attacker
Permalink  
 

This was sent out to us by the head of our I.T. Department at work. They're kinda worried about it - thought I'd pass it along.

 

Many of you probably have heard about a serious internet exploit that surfaced recently called Heartbleed. The big issue about this exploit is that your sensitive information, including user names and passwords, may have been captured by internet thieves from sites that you thought were secure like banking sites, yahoo sites, Facebook and others. These sites may have displayed the locked padlock or green bar that signifies a secure connection but in reality there is a flaw that can expose your personal information. I placed a link below so you can find out more about it and a link where you can test secure sites before using them. VTI’s internal secure web sites are safe and were not exposed to this vulnerability at any time.

 

What you can do to help protect yourself: Change all of your passwords at all internet sites you use and username if possible ASAP. It is best that you use the tool below to check the site first to make sure it is fixed before making the change so that your new password is not compromised.

 

 

More information and site listings: http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/

Test a site yourself: http://filippo.io/Heartbleed/

 

 

Rick Allan                                         

Chief Technology Officer               



__________________
Webmaster


Forum Administrator

Status: Offline
Posts: 111
Date:
Permalink  
 

Another notice from my work I.T. guy...

This is a follow-up to my earlier email about the Heartbleed vulnerability. I have received several calls concerning this with the common question “Do I really need to change all my passwords?” The short answer to this is yes, you should, unless you know for sure that a site never was susceptible to the vulnerability and that you do not use the same password for multiple sites. You should use this link, tif.mcafee.com/heartbleedtest to check a site BEFORE you set a new password to make sure that the site is not still vulnerable. The link I sent in the original email is down due to too much traffic. Here are some key points when dealing with passwords:

· Make the password difficult. Use at least 10 characters, a mix of uppercase and lowercase letters, numbers and symbols if the site allows it.

· Use two-factor authentication if the site offers it. Google and Yahoo offer this feature and it makes your logons really secure even if someone stole your username and password.

· Use a different password for each site in case one of your passwords gets stolen.

· Change passwords frequently.

· If you use a password manager program make sure it is secure and encrypted as well.


Over a half of a million sites are affected by the Heartbleed vulnerability and our wonderful government (NSA) knew about it and used the exploit for over 2 years and never told us about it.


I checked the following sites and they were never vulnerable to the Heartbleed issue:

· Wells Fargo banking

· Wells Fargo Credit Cards

· McCready and Keene retirement site (a 401K provider)

· BMO Harris Bank (an HSA plan )



__________________
Page 1 of 1  sorted by
 
Quick Reply

Please log in to post quick replies.
NCC Forum Home Page -> NCC - General Discussion -> **HEARTBLEED** Internet Hacking Virus/Attacker
Chatbox
Please log in to join the chat!