Hearbleed in Numbers

HEARTBLEED IN NUMBERS The Heartbleed bug is one of the biggest security threats in the story of the Internet, affecting web servers using 0pensSL that support the TLS heartbeat extension. It has affected many popular websites including Facebook, Twitter and Gmail along with Saas providers of services such as CRM and HR systems. We're pleased to announce that Octopus HR İsn't affected as our servers run on Microsoft and haven't ever had the Heartbeat extension enabled. 500,000 The number of servers that are estimated to have been vulnerable 2012 The year that support for the heartbeat extension was added to OpenSSL 1.0.12 TWO YEARS How long this flaw has been around the amount of data hackers could reveal to a connected client or server in each attack? KB 0,5% 13.6% are running on Lighttpd are running on nglax 17.5% 1.7% 70.5% are running on Microsoft are running on Apache The percentage of SSL sites that had 13.64% the heartbeat extension enabled are running on other/unknown Of the servers that are running the Heartbeat extension How to check if a website has been affected? Paste the URL into a free online tool such as Last Pass https://lastpass.com/heartbleed/ What should you do if yoU use a site that has been affected? Change your password after the website has implemented a patch to solve the issue. SOURCES 1. http://news.netcraft.com/archlves/2014/04/08/half-a-millon-widely-trusted-websites-vulnerable-to-heartbleed-bug.html 2. http://securityaffalrs.co/wordpress/23878/Intelligence/statistics-Impact-heartbleed.html Octopus people monoging brilliontly, online