Skip to main content

All the passwords you should change because of Heartbleed, in one handy graphic

Image Credit: WallpaperStock

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


The Heartbleed security flaw was fixed in the newest version of OpenSSL, but you should still change your passwords on all of the sites affected by the bug.

If you’re still not sure which sites were affected, we have the perfect chart for you, created by the “digital forensic specialists” at LWG Consulting. Major sites ranging from Facebook and Google to Pinterest and Flickr were affected. Luckily, many financial institutions were not.

Click here for the full size graphic.

LWG_Heartbleed

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

As we wrote yesterday, “Heartbleed arose inside a version of open-source OpenSSL cryptographic software. Information sitting inside the memory of a server should be encrypted, but a little bit of data could be pulled out under an attack. The vulnerability affected widely used infrastructure from cloud providers like Heroku and Amazon Web Services as well as networking hardware from vendors like Cisco and Juniper.”

Most recently, a report emerged alleging that the U.S. National Security Agency had known about Heartbleed for more than two years, and even exploited it. The NSA later denied the allegations.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.