http://news.msn.com/science-technol...d-the-new-security-bug-scaring-the-internet-1 this is scary as now im not sure if my bank account is breached or all the times ive made purchases online have access to my families info .
Just got a notification that someone has been signing into my google account in different places around the UK. Pretty pissed, but they didn't delete or Hijack anything.
Is it a coincidence this heartbleed virus is made public not long after it was suspected congress wouldn't approve the Cybersecurity Law? With how much hacking power the NSA has I wouldn't put it pass our own government to do this so they can pass a law that would give them more control and power over the internet. Create a problem, be the solution. The US Government has been known for creating virus' as weapons.
See also: https://krebsonsecurity.com/2014/04/heartbleed-bug-exposes-passwords-web-site-encryption-keys/ If you want to check to see what HTTPS sites are affected still: https://www.ssllabs.com/ssltest/ It's not a virus, it's a bug in OpenSSL. It's patched now with OpenSSL 1.0.1g, most servers have updated and people doubt it was actually used much in the wild before it was found.
Means hackers need access to your phone or authenticator app in order to access your account even if they guess your password
Steam was vulnerable but now resolved. Do what the article says about resetting Steam Guard and your password. Still trying to find out if Uplay and Origin were compromised. If anyone finds out post a link.
Was happily ignoring this until I just got an email from NCsoft just now saying someone in Japan is trying to log into my account..
Basically wait till said sites are patched (most are now), pray that they've changed their HTTPS certificates and then change your password. https://krebsonsecurity.com/2014/04/heartbleed-bug-what-can-you-do/ But to pretend that HTTPS is "all better now" is a pretty false sense of security. Sure, having HTTPS is better than nothing, but a lot of sites don't even impliment it as well as they could. For instance, Perfect Forward Secrecy. https://www.eff.org/deeplinks/2014/04/bleeding-hearts-club-heartbleed-recovery-system-administrators
