×
×

News: [Security] Heartbleed vulnerability

Published: 09/04/2014 Back

You have probably heard about the "Heartbleed" security issue that was discovered earlier this week. This is major security bug in the popular OpenSSL cryptographic software library. When we were aware of this issue, we took immediate action to resolute this issue. As of now, we do not see any evidence that this heartbleed vulnerability affected or compromised our system.


If your have secured website with SSL, you may go to the following URL
https://lastpass.com/heartbleed/
https://www.ssllabs.com/ssltest/
to check whether your site is vulnerable to this heartbleed.


If you have VPN that using the TLS/DTLS implementation, you should upgrade your OpenSSL this the VPN hardware vendor and generate a new key. Cisco ASA VPN is not affected by this vulnerability. If you are using linux variance, you need to update the OpenSSL via the distribution security repositories.


Powered by HostBill