Connecting to LinkedIn...



The Biggest Security Breach in the History of the Internet May Have Hacked All Your Information

10/04/2014 by


Security researchers have identified a very, very serious security hole in one of the fundamental technologies protecting personal data all across the Internet. OpenSSL, the cryptographic software library that an estimated two-thirds of web servers worldwide use to connect with end users and guard against digital eavesdropping, has been vulnerable to hackers for as long as two years. It may be the biggest security breach in the history of the Internet.

In a blog post published Monday, the OpenSSL researchers dubbed the critical flaw “Heartbleed,” admitted that the glitch allows for easy, untraceable breaches of secure systems, and announced the release of an immediate fix. Originally discovered by Google researcher Neel Mehta, what went wrong with OpenSSL is now a massive problem with the potential to affect the majority of secure servers on the Internet controlling everything from banking to retail to email. Here’s how the OpenSSL team described the bug:

Bugs in single software or library come and go and are fixed by new versions. However this bug has left a large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitations and attacks leaving no trace this exposure should be taken seriously.

What’s at risk? It’s not theoretical. The research team provided evidence that with awareness of the bug, they were able to breach Yahoo security and steal email logins and passwords without leaving a trace. They wrote:

We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.

Anyone who noticed and exploited the bug since it was introduced on March 14, 2012 could have easy access to an incomprehensible number of secure systems. And as TechCrunchnotes, even encrypted data illegally stolen from servers could eventually be forced open either with more stolen data or other methods, depending on server configuration. Redditors with awareness of the bug claim to have been able to identify vulnerabilities in sites ranging from Yahoo mail to their banks.

This article has been extracted from, please click on this link to read the article in full

Montash is a multi-award winning, global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

For more information please visit

comments powered by Disqus

Social Stream

Latest News


Humans remain largest security flaw in cloud ...

2016-10-21 14:00:00 +0100

With a vast number of companies moving some, if not all, of their operations to the cloud, security continues to be of major concern. Whilst there are numerous patches and firewalls to safeguard defences, it has been highlighted that the most difficult area to protect against is human interaction. This is the view of Jamie Woodruff, a penetration tester and ethical hacker. Woodruff’s views come after he was contracted to conduct a penetration test in or...


Offshore exploration providing boost for oil ...

2016-10-19 09:00:00 +0100

The oil and gas industry has had a notoriously challenging time of late, with the prices of oil plummeting and causing many firms to tighten their belts. However, offshore exploration is providing a much-needed bright spot for the sector, with an increasing number of governments becoming more accommodating. In the past week, it has been revealed that there are big changes afoot for Brazil’s petroleum laws. Shell has already begun to move on this opportu...