McAfee launches Heartbleed checker tool
McAfee has launched an online tool to help check whether websites are using the pre-patched version of OpenSSL that is still vulnerable to the Heartbleed exploit.
Heartbleed Checker allows web users to enter website domains into the tool and determine whether those sites have upgraded to the version of OpenSSL that is not susceptible to the exploit.
McAfee Vice President of Consumer Marketing Gary Davis said it is important that users “first check to make sure the websites they frequent are updated before changing their passwords”.
Changing passwords prematurely could allow cybercriminals to access both the old and new password using the exploit.
Users with accounts on websites still using the vulnerable OpenSSL implementation should carefully monitor the account for any authorised activity, McAfee said.
Once the site has been patched, users should change their passwords, preferably to passwords using a combination of letters, digits and symbols that are at least eight characters long.
McAfee advises using a password manager to generate and store strong passwords, and making use of two-factor authentication when possible.
Heartbleed is a recently discovered bug in pre-patched versions of OpenSSL that potentially allows attackers to read parts of the memory cache of sites protected with SSL encryption - including user names and passwords.
Too much of a good thing: Australia's cyber overlap issue
Recent research indicates many organisations may have too many security systems with overlapping...
The true cost of cyber attacks
The average annual expense of recovering and dealing with cyber attacks has surpassed AU$4.1...
Tackling the human element in modern authentication: the phishing-resistant user
Integrating human-centric cybersecurity strategies is not merely an option but a necessity in...
