eScan launches online tool to identify Heartbleed bug affected websites

14th April 2014 | By Mouseworld Now Correspondent |

Heartbled-bugMUMBAI, India- April 14, 2014: eScan, a leading Anti-Virus and Content Security Solution company, has launched an online tool to identify the latest vulnerability, Heartbleed bug which has been creating chaos in the cyber security landscape. The tool can be used to check whether the website being browsed is affected with the Heartbleed bug or not. The eScan tool can be accessed at www.escanav.com.
Heartbleed bug that created a major new security vulnerability came to light on April 7, 2014 with severe implications for the functioning of the entire web community. The Heartbleed bug can scrape a server’s memory, where sensitive user data is stored, including private data such as usernames, passwords, and has been in existence on the Internet for the past two years. The bug allows hackers to exploit a flaw in the OpenSSL encryption software used by a majority of major websites to steal data.

eScan MD and CEO Govind Rammurthy said, “Users are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (Transport Layer Security) implementation used to encrypt traffic on the Internet. Hackers are using smart social engineering tricks more and more often on popular social sites, company’s site and commercial sites. Hence, our newly launched online tool makes it easy for IT users to enjoy safe internet browsing and have a secured computing experience.”
Since a majority of websites are vulnerable to the Heartbleed bug, changing a password will not help much; as the website would have to update their OpenSSL software first in order to mitigate the threat. Simply type the website address that you wish to browse into the box displayed in the tool, and it will let you know whether it is safe. Although, websites such as Facebook, Gmail, Amazon, Yahoo!, Twitter and others are not vulnerable, however numerous other websites/servers are still vulnerable to this.

The Heartbleed bug takes advantage of OpenSSL encryption software, which is in standard use by many websites and while browsing an SSL site, the secured site is designated by the small padlock symbol, however not all webservers have deployed OpenSSL. A new protocol was introduced to the TLS/DTLS allowing the usage of keep-alive functionality without performing a renegotiation. When messaging back and forth on a secure connection, sometimes computer wants to check the other computer’s availability. This cross checking is done by sending a small packet of data, called ‘heartbeat’.

 

Tags: , , , , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 3 + 4 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • Second Edition of Annual 4.5G & 5G Innovation Summit concludes on a successful note more...
  • Wydr launches India Wholesale E-Fair more...
  • Snapdeal clocks record 3x growth in Kids Category more...
  • Paytm ensures 100% security for users’ identity in Money transfers more...
  • HP Rolls out Four New PageWide Web Presses more...
Subscribe via email

Enter your email address:

Follow us on Facebook
QUESTION HOUR
What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration