Some sites have plugged Heartbleed, but thousands haven’t, says security firm

By Konrad Krawczyk Published April 21, 2014

According to Computerworld , Sucuri Security, a Calif.-based Internet security outfit, says that of the top 1 million sites on the Web as ranked by Alexa (a service which measures what websites are most popular based on Web data that it gathers), as much as two percent of those sites are still susceptible to the Heartbleed OpenSSL bug . However, Sucuri exec Daniel Cid said in an email that the top 1,000 Alexa sites were all safe from the bug, or have been patched and are not at risk anymore. The findings are accurate as of last week.

Sucuri also found that 0.53 percent of the 10,000 most popular sites were vulnerable, with that number rising to 1.5 percent among the 100,000 most popular sites. The percentages break down like this: 53 of the top 10,000 sites were at risk, 1,595 of the top 100,000 sites were vulnerable, and 20,320 of the 1,000,000 most popular sites were still susceptible to Heartbleed.

Recommended Videos

“We were glad to see that the top 1,000 sites in the world were all properly patched, and that just 0.53% of the top 10k still had issues. However, as we went to less popular (and smaller) sites, the number of unpatched servers grew to 2%. That is not surprising, but we expected better,” Cid said in a blog post .

The Heartbleed bug allows hackers to send fake heartbeat messages, which can trick a website’s server into relaying data that’s stored in its memory. This includes sensitive information such as usernames, passwords, credit card numbers, emails, and more.

Internet security experts have expressed much concern regarding the impact that Heartbleed could have. Mike Lloyd, the CTO of RedSeal, a network security firm, said that people should “stop all transactions for a few days” once news of Heartbleed broke. Canada Revenue Agency took very serious measures in its efforts to defend against the threat, shuting down its website on April 8, and didn’t bring it back online until April 13.

“If you are not patched, be aware that people are out there trying to test and exploit this vulnerability and get your server patched as quickly as possible,” Cid warned.

Konrad Krawczyk

Former Computing Editor

Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…

Topics

Computing

AI may be raising your bills, even if you never use it

The digital revolution has a real-world price tag.

A wad of cash.

We’ve heard a lot about the power-hungry nature of AI data centers, with all of your ChatGPT inputs -- or whatever AI tools you use -- requiring a huge amount of energy to fulfill.

And now some folks are feeling the effects of it in their pocket, too, even though they may not even be using AI.

Computing

I bought a $180 mouse to play one PC game, and I’d do it all over again

The Razer Naga V2 Pro gaming mouse on a white background.

Playing games isn't just about getting your hands on the best gaming PC -- it's also about the peripherals. That's a lesson I had to learn the hard way over years of gaming and spending all of my budget (and then some) on my PC, and my PC alone.

When I finally bought myself a proper gaming mouse, I went all out by spending $180 on a Razer Naga V2 Pro. I only ended up using it for one game, but I have absolutely zero regrets. I'd actually do it all over again.

Branded Content

QuickBooks’ new AI agents accelerate business efficiency

The Sales page of Intuit QuickBooks Online on a laptop.

Intuit is reimagining business operations, and its latest upgrade to QuickBooks is a paradigm shift. Starting July 1, U.S. customers will have access to AI agents that are deployed across QuickBooks Online, backed by redesigned web and mobile interfaces. This virtual team will dramatically reduce the time businesses spend on manual tasks, up to 12 hours a month, according to Intuit’s internal data.

These aren’t your general-purpose chatbots. They’re vertical-specific, domain-trained tools integrated within QuickBooks ecosystem to handle complex tasks autonomously and proactively. Early results are speaking for themselves: 78% of customers report that Intuit’s AI makes running their business easier, while 68% say they now have more time to grow their business instead of being buried in the back office.