Hacker News: Thousands of websites still vulnerable to Heartbleed

Submitted by Sam Moore on Mon, 01/23/2017 - 12:03

Hacker news logo

It takes roughly three steps to remediate the Heartbleed bug.
 

  1. Patching: Update your software to the latest versions of OpenSSL; thankfully almost all organization have accomplished this step.
  2. Creation of New Private Keys: Creating new private keys will prevent an attacker, who already exploited the flaw before patching, from being able to spy on your encrypted.
  3. Reissuance of Security Certificates: This step will eliminate the ability of any attacker to spoof organizations and fool or phish their customers.

http://thehackernews.com/2017/01/heartbleed-openssl-vulnerability.html