More people taking to internet security after Heartbleed bug

NEW YORK - The Heartbleed bug scare seems to have made Facebook users smarter about security with Facebook witnessing a spike in password resets. Many Facebook users also went in for the Login Approvals, Facebook's version of the two-factor authentication, a spokesman told the IDG News Service. It appears that many people are taking the disclosure seriously and taking steps to protect themselves, he said. Many companies, including Google and Yahoo, say they have since patched their services.

 Heartbleed was a bug in OpenSSL, introduced in a new version of the software at the end of 2011 that under some circumstances allowed Internet attackers to steal data from the memory of a server in 64KB chunks, according to PC World.

 That data could include passwords or encryption keys, which could then be used to break into users' accounts or even make malicious sites mimic real ones and collect usernames and passwords

. Two-factor authentication, which forces users to give two separate pieces of information for access, can help to protect users against such attacks.

 The use of password services software has gone up. One password management app, 1Password, skyrocketed in popularity from the low-200s to the top 10 in Apple's App Store in the U.S. shortly after the Heartbleed disclosures, according to its developer, AgileBits.

 The 1Password app is now ranked 67th in Apple's store.

 More people who may not be very tech-savvy are changing their passwords and thinking about being smarter with security online. "This has been a wake-up call for the general public," RedSeal's Lloyd said. For one thing, Heartbleed has made more people think about the strength of their passwords, he said, according to PC World, Heartbleed's OpenSSL security flaw affected a whopping 66% of the entire Internet during the time of its discovery. In addition, the bug also compromised the usernames and passwords on innumerable popular websites and services. The recent news is that, the Heartbleed bug also affected Android Apps in Google Play Store, says IB Times.

 The Heartbleed bug has turned cyber criminals from attackers into victims as researchers use it to grab material from chatrooms where they trade data.

 Discovered in early April, Heartbleed lets attackers steal data from computers using vulnerable versions of some widely used security programs.

 Now it has given anti-malware researchers access to forums that would otherwise be very hard to penetrate, says BBC

 The news comes as others warn that the bug will be a threat for many years.

 French anti-malware researcher Steven K told the BBC: "The potential of this vulnerability affecting black-hat services (where hackers use their skills for criminal ends) is just enormous."

 Heartbleed had put many such forums in a "critical" position, he said, leaving them vulnerable to attack using tools that exploit the bug.