Skip to main content
  1. Home
  2. Computing
  3. News

Some sites have plugged Heartbleed, but thousands haven’t, says security firm

By
sites plugged heartbleed thousands havent says security firm bleeding heart
Image used with permission by copyright holder

According to Computerworld, Sucuri Security, a Calif.-based Internet security outfit, says that of the top 1 million sites on the Web as ranked by Alexa (a service which measures what websites are most popular based on Web data that it gathers), as much as two percent of those sites are still susceptible to the Heartbleed OpenSSL bug. However, Sucuri exec Daniel Cid said in an email that the top 1,000 Alexa sites were all safe from the bug, or have been patched and are not at risk anymore. The findings are accurate as of last week.

Sucuri also found that 0.53 percent of the 10,000 most popular sites were vulnerable, with that number rising to 1.5 percent among the 100,000 most popular sites. The percentages break down like this: 53 of the top 10,000 sites were at risk, 1,595 of the top 100,000 sites were vulnerable, and 20,320 of the 1,000,000 most popular sites were still susceptible to Heartbleed.

Recommended Videos

“We were glad to see that the top 1,000 sites in the world were all properly patched, and that just 0.53% of the top 10k still had issues. However, as we went to less popular (and smaller) sites, the number of unpatched servers grew to 2%. That is not surprising, but we expected better,” Cid said in a blog post.

The Heartbleed bug allows hackers to send fake heartbeat messages, which can trick a website’s server into relaying data that’s stored in its memory. This includes sensitive information such as usernames, passwords, credit card numbers, emails, and more.

Internet security experts have expressed much concern regarding the impact that Heartbleed could have. Mike Lloyd, the CTO of RedSeal, a network security firm, said that people should “stop all transactions for a few days” once news of Heartbleed broke. Canada Revenue Agency took very serious measures in its efforts to defend against the threat, shuting down its website on April 8, and didn’t bring it back online until April 13.

“If you are not patched, be aware that people are out there trying to test and exploit this vulnerability and get your server patched as quickly as possible,” Cid warned.

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
The best home internet providers of 2024
AT&T Internet Air gateway on table.

You can't always pick from a wide range of home internet providers (depending on your location), but even if your choice is limited, you still want to select the right one. From pricing to speed, support, and contract plans, picking the right broadband provider can make a real difference to the service you receive. Here are our favorites.

Interested in grabbing a short-term internet deal with a discount and bundled extras? Here are the best ones available now.
AT&T Fiber

Read more
This new technology fixes the biggest problem with modern GPUs
Two RTX 4060 graphics cards sitting next to each other.

In an interesting development for the GPU industry, PCIe-attached memory is set to change how we think about GPU memory capacity and performance. Panmnesia, a company backed by South Korea's KAIST research institute, is working on a technology called Compute Express Link, or CXL, that allows GPUs to utilize external memory resources via the PCIe interface.

Traditionally, GPUs like the RTX 4060 are limited by their onboard VRAM, which can bottleneck performance in memory-intensive tasks such as AI training, data analytics, and high-resolution gaming. CXL leverages the high-speed PCIe connection to attach external memory modules directly to the GPU.

Read more
Best VPN deals: Save on NordVPN, ExpressVPN, and Surfshark
A close-up of a computer monitor displaying a generic VPN.

Connecting online outside of your home can pose a lot of issues, whether it's security or just trying to access geo-blocked connections. Luckily, a good VPN can help you avoid these issues and even add a lot more benefits since most VPN services tend to add more things like ad-blocking and malware protection. There are also a huge amount of VPNs out there, and it can be hard to pick the best VPN services for you, which is why we've gone out and collected our favorite VPN deals and listed them below.

Nord VPN 12-month basic subscription -- $60, was $100

Read more