Results 1 to 3 of 3

Thread: Does This Forum Use OpenSSL? We Could Be Compromised!

  1. #1
    Senior Member
    Join Date
    Jan 2011
    Location
    SW OK
    Posts
    1,527
    Post Thanks / Like

    Question Does This Forum Use OpenSSL? We Could Be Compromised!

    This is a letter I received from another forum I have used in the past. It made me start going to all my current and old haunts to change my passwords. I thought it would be wise to ask here as well.

    [QUOTE] As some who follow the tech world (and even some non-tech news sources) may know, an extremely critical vulnerability was discovered in OpenSSL. OpenSSL is what is used by at least 66% of the Internet to serve secure connections, including connections for websites, email, chat, virtual private networks, and many other services. The name that has been applied to this vulnerability is “Heartbleed” due to the nature of the information available from the attacks. Using this vulnerability, malicious individuals could access sensitive information submitted by people actively visiting a website including usernames, passwords and credit card numbers. Users across the Internet should be especially aware of any suspicious activity on their accounts.We have no indication that there was any breach or compromise of XXXXXXXX. I've personally spent much of the week analyzing the logs for the past 30 days as well as comparing data across backups, so I can say with confidence that nothing seems out of the ordinary.On Tuesday, upon publication of the vulnerability and release of patches, we updated OpenSSL to a non-vulnerable version, installed a new SSL certificate, and revoked the previous certificate.However, we encourage all users to update their passwords, especially if you use the same password across multiple sites [/QUOTE]
    Firecat 400

  2. #2
    Senior Member
    Join Date
    Jan 2011
    Location
    SW OK
    Posts
    1,527
    Post Thanks / Like

    Default

    [QUOTE=MLN1963;113912]This is a letter I received from another forum I have used in the past. It made me start going to all my current and old haunts to change my passwords. I thought it would be wise to ask here as well.

    As some who follow the tech world (and even some non-tech news sources) may know, an extremely critical vulnerability was discovered in OpenSSL. OpenSSL is what is used by at least 66% of the Internet to serve secure connections, including connections for websites, email, chat, virtual private networks, and many other services. The name that has been applied to this vulnerability is “Heartbleed” due to the nature of the information available from the attacks. Using this vulnerability, malicious individuals could access sensitive information submitted by people actively visiting a website including usernames, passwords and credit card numbers. Users across the Internet should be especially aware of any suspicious activity on their accounts.We have no indication that there was any breach or compromise of XXXXXXXX. I've personally spent much of the week analyzing the logs for the past 30 days as well as comparing data across backups, so I can say with confidence that nothing seems out of the ordinary.On Tuesday, upon publication of the vulnerability and release of patches, we updated OpenSSL to a non-vulnerable version, installed a new SSL certificate, and revoked the previous certificate.However, we encourage all users to update their passwords, especially if you use the same password across multiple sites [/QUOTE]
    I also posted this here so y'all can check with other forums you hang out at.
    Firecat 400

  3. #3
    Super Moderator Arrow Splitter's Avatar
    Join Date
    Oct 2010
    Location
    Gilmanton, NH, United States
    Posts
    3,655
    Post Thanks / Like

    Default

    Thanks for that MLN, and welcome back. So are you going to stay around awhile?

    A.S
    2011 Martin Firecat 400/NAP Apache Dropaway/Truglo Xtreme Sight/Custom 8" Stabilizer/Victory V6 Arrows
    2007 Martin Jaguar /Trophy Taker Dropaway/Extreme Sight/Custom 21" Stabilizer/Victory V6 Arrows
    Bow String Depot, Custom String Builders email us @ bowstringdepot@gmail.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •