Trend Micro provides Heartbleed detection tools
22 April 2014 | 0
Trend Micro has released free scanning tools for computers and mobile devices to verify whether they are communicating with servers compromised by the Heartbleed bug.
The Heartbleed bug is a serious vulnerability in SSL/TLS encryption which has serious implications for all sorts of data, from banking details to private communications, for both business and consumers.
“The Heartbleed vulnerability really woke the world up to just how much the Internet is part of our daily lives, and just how damaging things can be when that world is under attack. Unlike most computer attacks that target end users, Heartbleed affects the sites we use everyday – and to make matters even worse – it specifically affects those we consider most secure, and with whom we most trust our data” said Robert McArdle, senior advanced threat researcher, Trend Micro.
The company carried out a scan of the top 1 million popular sites in the world to see the effect of this bug, and found that almost 11% of Irish sites on the list where vulnerable to attack, with several household names among them.
“Trend Micro has responded to the Heartbleed threat by offering tools to all Internet users as a solution to protect their personal data,” said Dervla Mannion, VP, Trend Micro EMEA in Cork.
“With in-app purchases and financial transactions on mobile devices becoming the norm, we felt it was vital to offer users a solution designed to enable users to continue operating their devices without worry. Heartbleed is a problem that may never entirely go away, but we are committed to providing and updating our solutions to best protect the data of our customers, and provide essential security on each device they use.”
The Trend Micro Heartbleed Detector, a Chrome browser plug-in, and an Android mobile app, are available from the Chrome Web Store and Google Play app store, respectively. Available for Mac and Windows-based computer users, the Trend Micro Heartbleed Detector is a multi-platform plug-in for Chrome that enables users to check for vulnerable URLs and installs with a single click.
Trend Micro says that its researchers have also discovered that mobile apps are just as vulnerable to the Heartbleed bug as web sites. To mitigate this threat, Trend Micro said that it has developed the Heartbleed Detector to check apps on a user’s device and the servers they communicate with, to determine if installed apps are vulnerable to the OpenSSL bug. If vulnerable apps are, the detector then prompts the user with the option to uninstall the app.
The Trend Micro’s Heartbleed Scanners can now be downloaded free.