Hacker retrieves private security keys using `Heartbleed`

Last Updated: Sunday, April 13, 2014 - 23:23

Washington: Content distribution network Cloudflare has reportedly announced that the "Heartbleed" bug may not be as bad as feared, after a hacker used the bug to successfully retrieve a website`s private security keys.

The announcement has given hope to those who have been affected by the deadly Web bug.

According to the Verge, in two weeks of testing, Cloudflare said, its researchers failed to exploit the bug to steal a website`s private SSL keys, which secures the data sent to users.
The website had challenged white-hat hackers to retrieve the private security keys and unfortunately for the Web , one of them succeeded.
While the implications for the web are significant, even after a server is patched to fix the Heartbleed vulnerability, the private keys can continue to be used to access user data unless whoever is running the server updates its security certificate, the report added.

ANI

First Published: Sunday, April 13, 2014 - 23:23

comments powered by Disqus