Latest News

Google Chrome Now Labels HTTP Sites as 'Not Secure’

As of today the latest version of Google Chrome will display "Not Secure" in the title bar for websites not using HTTPS....

GDPR Statement

The General Data Protection Regulation (GDPR) regulation came into force on 24 May 2016 and will apply from 25 May 2018....

New Password Policy

A lot of you will be familiar with a password policy that involves: * a minimum number of characters; * at least one lowercase...

News RSS Feed

more news

In case you've heard about the latest SSL vulnerability codenamed 'Heartbleed', our main web server, hosting 99% of our websites, has not been affected as the version of OpenSSL we have installed predates the introduction of this vulnerability.

A second server, hosting a single website, may have been vulnerable for up to 12 months, and a third server, set up in February this year, would also have been affected. Both were automatically patched earlier this week.

The details of the vulnerability, while serious, are not as dramatic as you may have heard in news reports, but it could have allowed a determined attacker to extract chunks of 'private memory' from an encrypted stream and use them to expose encrypted data and private keys.

For the average Internet user, if any of the online services you are using have been affected, you should wait for them to announce that their servers have been patched, and only then change your password.

And to be doubly safe, change your passwords for any other services that use the same or similar login.

Related link

• The "Heartbleed" Internet Security Flaw: What You Need to Know »

Office closing dates »