Santa Clara University

Information Security Office

News and Events

 
RSS

Information Security News and Events

News, events, views, tips, and hints for keeping your personal information private.

The following postings have been filtered by tag openssl. clear filter
  •  HeartBleed-Critical Internet Security Issue

    Wednesday, Apr. 9, 2014

    Immediate action required whether you use a PC, Mac, or smartphone. Researchers have discovered a critical bug in the communication protocol that is used to secure transactions on an estimated 500,000 websites.When you log into a website, your username and password are sent to that website's server. Typically your credentials are encrypted using a protocol called Secure Sockets Layer, or SSL.  One of the most commonly used implementations of SSL is called OpenSSL and it is used by approximately 66% of websites.

    Heartbleed is a bug in OpenSSL that allows attackers to decode and read text from emails, instant messages, passwords, even business documents -- anything sent to a vulnerable site's server.Heartbleed is so critical that almost every major web site and vendor service is scrambling to resolve it.

    Google has released a statement that their sites are not vulnerable.  SCU’s technical staff is working with our vendors to identify and address the issue on other SCU systems.  

    SCU's Information Security Office strongly recommends that you change your SCU Network ID and eCampus passwords right away.  

    You can change your Network ID password here: https://sso.scu.edu/gam/passwords.html.  

    We also recommend changing passwords for all sites where you conduct financial or personal business.  Be sure to use long and strong passwords and change them regularly.

     More information about Heartbleed

    http://www.cnn.com/2014/04/08/tech/web/heartbleed-openssl/

     http://www.thewire.com/technology/2014/04/what-you-need-to-know-about-heartbleed-the-new-security-bug-scaring-the-internet/360366/

     

     

Information Security Office, 1-408-554-5554, iso@scu.edu