BLOG

“Heartbleed Bug”. “Poodle”. “Sea-Surf”. “DROWN”. If these were super villain names, I wouldn’t exactly be sending in Superman to deal with these guys. But, don’t let these catchy names fool you - these are the names of serious cyber-attacks that resulted in millions of people’s data being exposed and financial information compromised. 

With news of the Heartbleed bug, Entrust has been receiving questions as to how this impacts the certification authority (CA) service at Entrust. In summary, Entrust SSL customers do not need to be concerned about the management of their certificates or their certificate management accounts. The CA private keys are protected on a NIST FIPS 140-2 Level 3 hardware security module (HSM).

This Entrust blog focuses on the Heartbleed Bug,  a serious vulnerability in the popular OpenSSL cryptographic software library and how it can launch an attach from a client on a server or from a server to a client.