Internet bug ‘extremely serious’ – Norway security officials / News / The Foreigner

Internet bug ‘extremely serious’ – Norway security officials. In keeping with many other security organisations' worldwide advisories, computer users need to take note and action regarding the Heartbleed vulnerability, the Norwegian National Security Authority (NSM) says. "The most important thing for us is that service providers check and update their systems," NSM press spokesperson Kjetil Berg Veire tells The Foreigner. "They should then notify all their users to change their passwords when applicable." Their warning to update passwords when advised comes due to vulnerabilities in the OpenSSL cryptographic library called Heartbleed (official: CVE-2014-0160).

virus, computers



The Foreigner Logo

The Foreigner is an online publication for English speakers living or who have an interest in Norway. Whether it’s a glimpse of news or entertainment you’re after, there’s no need to leave your linguistic armchair. You don’t need to cry over the demise of the English pages of Aftenposten.no, The Foreigner is here!

Norske nyheter på engelsk fra Norge. The Foreigner er en engelskspråklig internett avis for de som bor eller som er interessert i Norge.

Google+ Google+ Twitter Facebook RSS RSS



News Article

LATEST:

Internet bug ‘extremely serious’ – Norway security officials

Published on Thursday, 10th April, 2014 at 07:19 under the news category, by Manisha Choudhari.
Last Updated on 10th April 2014 at 12:09.

In keeping with many other security organisations' worldwide advisories, computer users need to take note and action regarding the Heartbleed vulnerability, the Norwegian National Security Authority (NSM) says.

A laptop keyboard (illustration photo)
A laptop keyboard (illustration photo)
Photo: Declan Jewell/Flickr


"The most important thing for us is that service providers check and update their systems," NSM press spokesperson Kjetil Berg Veire tells The Foreigner. "They should then notify all their users to change their passwords when applicable."

Their warning to update passwords when advised comes due to vulnerabilities in the OpenSSL cryptographic library called Heartbleed (official: CVE-2014-0160).

OpenSSL is a widely known and used cryptographic library that scrambles data as it passes between computer servers and users.

Finnish security company Codenomicon and Google Security declared the OpenSSL flaw could expose the keys identifying service providers who use that code.

Someone with even average skills could easily gain sensitive information until the bug is fixed.

Ari Takanen, chief technology officer at Codenomicon told the BBC, “If people have logged into a service during the window of vulnerability then there is a chance that the password is already harvested […] it's a good idea to change the passwords on all the updated web portals.”

Users are also advised to update their software programmes, including anti-virus, to the latest version.

At the same time, security researcher at Rapid7 Mark Schloesser told The Guardian changing passwords could make the situation worse if the web server has not been revised to correct the flaw.

You can read more about the Heartbleed security flaw and its ramifications here.

Daily weblog Lifehacker says users can check which Heartbleed affected passwords to change, and when, at password help site LastPass.



Published on Thursday, 10th April, 2014 at 07:19 under the news category, by Manisha Choudhari.
Last updated on 10th April 2014 at 12:09.

This post has the following tags: virus, computers.





  
Do NOT follow this link or you will be banned from the site!