How bad has Heartbleed been? My colleague Marta explained the other day what this Heartbleed was about. We have seen in the news some apocalyptic messages (“2/3 of the Internet exposed”) but we have to know what we are talking about before giving that kind of assessment. Take a look at Panda Security, for example: none of our websites are affected. Neither our cloud servers nor any of our Consumer or Corporate products are vulnerable to Heartbleed. But we are just one company, ok, an AWESOME company but only one. 🙂 INTECO, the Spanish National Technology Institute, has made an interesting study about all websites belonging to the .es domain. An astonishing 96.49% of all .es domains do not even use SSL. The ones running SSL and still not patched are just a 0.52%. We can see how we are talking only about a minimum number of sites affected, but this does not mean we can relax. To open your eyes I would recommend all of you to take a look at this interesting article in Mashable, where it describes some of the most popular sites in the Internet, whether they were affected or not and if it is needed to change passwords. You can see how some major players are mentioned there (Google, Instagram, Facebook, Yahoo, Youtube…) and even if the rest of the Internet would not have been vulnerable, it wouldn’t mind, as most Internet users are using those Social Networks and online services. Anyway, change your passwords regularly, with or without Heartbleed, that is always a good advice.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
