McAfee launches Heartbleed checker tool
McAfee has launched an online tool to help check whether websites are using the pre-patched version of OpenSSL that is still vulnerable to the Heartbleed exploit.
Heartbleed Checker allows web users to enter website domains into the tool and determine whether those sites have upgraded to the version of OpenSSL that is not susceptible to the exploit.
McAfee Vice President of Consumer Marketing Gary Davis said it is important that users “first check to make sure the websites they frequent are updated before changing their passwords”.
Changing passwords prematurely could allow cybercriminals to access both the old and new password using the exploit.
Users with accounts on websites still using the vulnerable OpenSSL implementation should carefully monitor the account for any authorised activity, McAfee said.
Once the site has been patched, users should change their passwords, preferably to passwords using a combination of letters, digits and symbols that are at least eight characters long.
McAfee advises using a password manager to generate and store strong passwords, and making use of two-factor authentication when possible.
Heartbleed is a recently discovered bug in pre-patched versions of OpenSSL that potentially allows attackers to read parts of the memory cache of sites protected with SSL encryption - including user names and passwords.
The problem with passwords is not what you think
When it comes to secure authentication, there seems to be a lesson we're not learning.
Secure-by-design software development for digital innovation
The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...
Bolstering AI-powered cybersecurity in the face of increasing threats
The escalation of complex cyber risks is becoming a pressing issue for those in business...
