ThreatSTOP not vulnerable to Heartbleed

The Heartbleed vulnerability* has burst into public consciousness and generated a lot of justified concern that login information and other confidential data may have been at risk because of it.

ThreatSTOP is pleased to confirm that our servers and service are not susceptible to this bug.

ThreatSTOP customers do not need to be concerned that their ThreatSTOP credentials or anything else on our portal have been put at risk by this vulnerability, because our system architecture, using our, and our partners' technology in a multi-layered, "belt and suspenders" design, protect against known and unknown threats.

The servers behind ThreatSTOP's web portal are accessed via traffic management and security appliances from our partner A10 networks  that are not vulnerable to this bug

We have audited our infrastructure and have verified that no systems are, or were, vulnerable to this exploit.

Regarding our blocking services: we distribute our blocklists via DNS queries which do not use TLS encryption (but are secured by other means); ONLY subscribers can access our servers; only the specific subscriber can query their policies, from their configured IP addresses; and connections to our service are ONLY over TCP (thereby eliminating spoofing).

Finally (and as a general point), people are being advised by hysterical media pundits to change their passwords NOW. In general, this is bad advice, at least in the short term.

It only applies to sites that 1) were vulnerable but 2) have now patched themselves so that they no longer are.

If the site is not yet patched then changing your password means an attacker can quite possibly see your new password!

In short: Your ThreatSTOP account, and credentials, are safe. Your other accounts may not be, but don't change them until the site updates their security.

* For those that may have missed the announcements, the heartbleed vulnerability is

a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

 

About ThreatSTOP

ThreatSTOP is a real-time domain and IP Reputation Service that automatically delivers a block list directly to users’ firewalls, routers and DNS servers, so they can enforce it. It is a cloud-based service that protects the user's network against the most serious information security problem today—malware designed to steal valuable data perpetrated by organized criminals and state actors. The data consists of both specific threat indicators and geographic data which users combine to create their own customized policies for protection. ThreatSTOP enables existing hardware and network infrastructure to enforce user defined malware blocking policy without requiring the expense, complexity and time of a forklift upgrade of new equipment. It can be deployed within the hour with simple rule-settings or a script on the user's BIND (DNS) server, firewall or router.  Founded in 2009, ThreatSTOP is headquartered in Carlsbad, CA. For more information visit http://www.threatstop.com/

Share this: