A security breach named "Heartbleed" has put passwords, credit cards and other sensitive data at risk. It affects OpenSSL versions 1.0.1 through 1.0.1f which concern 2/3 of the Web.
Put in simple words, any encrypted traffic going over HTTPS is now totally unsecured.
2. On April 7th, 2014 a vulnerability was discovered in TLS
implementations of OpenSSL 1.0.1
impacting 2/3 of the web.
3. If you do not patch your web servers anyone can access
encrypted traffic that could contain
passwords & credit card numbers
4. Fixing the issue happens in 2 steps:
1. Patching OpenSSL
2. Changing your certificate
5. To check if you are
vulnerable
go to
http://filippo.io/Heartbleed/
6. For more information about heart bleed:
Technical explanation : https://www.schneier.com/blog/
archives/2014/04/heartbleed.html
Is your favorite website safe: http://mashable.com/2014/04/09/
heartbleed-bug-websites-affected/?utm_cid=mash-com-Tw-
main-link