You probably have heard about it by now.
If not, read: http://techcrunch.com/2014/04/07/ma...sl-could-effect-a-huge-chunk-of-the-internet/
In case you are wondering, HS server was patched within a few hours of it becoming public knowledge.
We have no reason to believe anything was compromised or even attempted.. We don't even use SSL, as we don't do any transactions other than logging in to the forum but our sever is equipped with the openSSL software.
You should NEVER use a password on a forum/etc that is non-ssl on other sites that are, such as your bank, especially if you use group unsecured wifi (ie, at a coffee shop or even your work's wifi lan).
Consider your own surroundings and be smart. Never submit a password for something you care about on open wifi.
If not, read: http://techcrunch.com/2014/04/07/ma...sl-could-effect-a-huge-chunk-of-the-internet/
In case you are wondering, HS server was patched within a few hours of it becoming public knowledge.
Code:
[~]# yum list installed | grep -i openssl
cpanel-perl-514-Crypt-OpenSSL-Bignum.x86_64 0.04-1.cp1136 installed
cpanel-perl-514-Crypt-OpenSSL-DSA.x86_64 0.13-1.cp1136 installed
cpanel-perl-514-Crypt-OpenSSL-RSA.x86_64 0.28-1.cp1136 installed
cpanel-perl-514-Crypt-OpenSSL-Random.x86_64 0.04-1.cp1136 installed
openssl.x86_64 1.0.1e-16.el6_5.7 @updates
openssl-devel.x86_64 1.0.1e-16.el6_5.7 @updates
We have no reason to believe anything was compromised or even attempted.. We don't even use SSL, as we don't do any transactions other than logging in to the forum but our sever is equipped with the openSSL software.
You should NEVER use a password on a forum/etc that is non-ssl on other sites that are, such as your bank, especially if you use group unsecured wifi (ie, at a coffee shop or even your work's wifi lan).
Consider your own surroundings and be smart. Never submit a password for something you care about on open wifi.