Archive for May, 2014

By now one would hope that the worst of the Heartbleed crisis is behind us. All the servers should be patched, new certificates generated and passwords changed, right? The answers are: probably, hopefully and unlikely, respectively. Compromised passwords are still floating around in the ether so if you haven’t fixed them, do so.

But what about the next Heartbleed? One thing that is about as sure as death and taxes is that there will be another massive vulnerability that will, no doubt, expose millions of user accounts. So, do we just sit tight and wait for the oncoming storm or is there a preemptive strike you can make now to less the likelihood it will impact you in a big way?

I think there is and it’s the subject of my recent post to the IBM Security Intelligence blog. Take a read through it and stay safe.