It’s been two days since the Heartbleed bug was exposed, a security flaw so bad, security expert Bruce Schneier has called it “catastrophic.”
The flaw allows hackers to intercept and read website information supposed to be encrypted, like passwords and credit card info. This problem was found in the really popular security software known as OpenSSL used by many huge websites and devices. That means Heartbleed was found in some of most popular cloud services on the Internet, like Gmail, Yahoo, Flicker, OkCupid, Tumbler and others.
The good news is that those sites have been fixed, Mashable reports.
More good news: hundreds of other websites are racing to get rid of the bug as we write this. 24 hours after the bug was reported, security vendor SkyHigh Networks had found 368 cloud providers that still had the bug.
Yet, a couple of hours ago, security vendor Netskope, searching only cloud services that serve businesses, found 100 of those sites to have the Heartbleed bug. So the numbers of dangerous websites are diminishing.
Here’s the downloadable document that lists them all. Netskope will update this list daily, it says.
Join the conversation