By Kyle Christopher
The heartbleed attack was all the talk this week, and rightly so. This vulnerability allowed malicious code to view snippets of active memory from an SSL-enabled process. This meant that an attacker could siphon active memory from a Web process without any trace. They could basically keep siphoning small chunks of memory until they found what they wanted, whether it be user names, file data, passwords, etc. (Source: Infoworld).
There have been lots of tips, solutions, methods and advice on how to address the issue. Aside from that, there are two big takeaways from this vulnerability in my opinion. Here they are: