Skip to main content
  1. Home
  2. Computing
  3. News

Some sites have plugged Heartbleed, but thousands haven’t, says security firm

By
sites plugged heartbleed thousands havent says security firm bleeding heart
Image used with permission by copyright holder

According to Computerworld, Sucuri Security, a Calif.-based Internet security outfit, says that of the top 1 million sites on the Web as ranked by Alexa (a service which measures what websites are most popular based on Web data that it gathers), as much as two percent of those sites are still susceptible to the Heartbleed OpenSSL bug. However, Sucuri exec Daniel Cid said in an email that the top 1,000 Alexa sites were all safe from the bug, or have been patched and are not at risk anymore. The findings are accurate as of last week.

Sucuri also found that 0.53 percent of the 10,000 most popular sites were vulnerable, with that number rising to 1.5 percent among the 100,000 most popular sites. The percentages break down like this: 53 of the top 10,000 sites were at risk, 1,595 of the top 100,000 sites were vulnerable, and 20,320 of the 1,000,000 most popular sites were still susceptible to Heartbleed.

Recommended Videos

“We were glad to see that the top 1,000 sites in the world were all properly patched, and that just 0.53% of the top 10k still had issues. However, as we went to less popular (and smaller) sites, the number of unpatched servers grew to 2%. That is not surprising, but we expected better,” Cid said in a blog post.

The Heartbleed bug allows hackers to send fake heartbeat messages, which can trick a website’s server into relaying data that’s stored in its memory. This includes sensitive information such as usernames, passwords, credit card numbers, emails, and more.

Internet security experts have expressed much concern regarding the impact that Heartbleed could have. Mike Lloyd, the CTO of RedSeal, a network security firm, said that people should “stop all transactions for a few days” once news of Heartbleed broke. Canada Revenue Agency took very serious measures in its efforts to defend against the threat, shuting down its website on April 8, and didn’t bring it back online until April 13.

“If you are not patched, be aware that people are out there trying to test and exploit this vulnerability and get your server patched as quickly as possible,” Cid warned.

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
LG’s new Gram Pro finally looks like a serious MacBook Pro rival
An LG Gram laptop on a table.

Just ahead of CES, LG has announced a refresh to its Gram Pro lineup, as well as launched a budget-friendly Gram Book. The tweaked Gram Pro laptops are the most exciting, though, with the the LG Gram Pro 17 catching my eye.

First off, it's been thinned out a bit, dropping down to 0.62 inches thick, which is almost the same thickness as the 16-inch MacBook Pro. The LG Gram Pro 17 is also a full pound and a half lighter than the MacBook Pro, both of which are striving to be one of the best laptops you can buy.

Read more
Nvidia’s new GPUs show up in prebuilts, but the RTX 5090 is missing
iBUYPOWER RTX for AI PCs side view of pre-built on sale hero

Nvidia's upcoming RTX 5080 and RTX 5070 Ti just appeared in several iBUYPOWER gaming PCs. This is the first U.S. retailer to list Nvidia's RTX 50-series in prebuilt systems. The listings are interesting, with performance figures that really don't add up. Still, the biggest question is: Where's the GPU that's bound to beat all the current best graphics cards? Yes, we're talking about RTX 5090.

The listings have already been taken down, but they were preserved by VideoCardz. A total of five systems were listed by iBUYPOWER, but they all contained the same two GPUs -- either the RTX 5080 or the RTX 5070 Ti. Both cards are said to come with 16GB of memory, and we expect them to be announced on January 6 during the CES 2025 keynote held by Nvidia's CEO, Jensen Huang.

Read more
OLED gaming monitors are about to get a lot brighter
Path of Exile 2 running on an Asus gaming monitor.

One of the biggest criticisms leveled against OLED monitors, despite being some of the best gaming monitors you can buy, is how dim they are. Although brightness is steadily increasing, it looks like the next crop of OLED gaming monitors will make quite the leap when it comes to HDR performance. Ahead of CES 2025, VESA has revealed a new tier of its DisplayHDR standard that's focused squarely on the brightness of OLED monitors.

The certification is DisplayHDR True Black 1,000. Most OLED gaming monitors, such as the MSI MPG 321URX or Alienware 27 QD-OLED, are certified with DisplayHDR True Black 400. This certification level is reserved for OLED -- or extremely high-end mini-LED -- displays that achieve nearly perfect black levels. According to VESA's specifications, the display has to reach 0.0005 nits with a checkboard pattern. Now, VESA is focusing on the other end of the spectrum, adding a more demanding tier that maintains those low black levels while pushing brightness higher.

Read more