You may already know about the widely publicized heartbleed bug (http://heartbleed.com/) that may be impacting more than 500,000 systems across the Internet. Heartbleed is a bug in the OpenSSL program in v. 1.0.1 up to 1.1.f that is being used for encrypted communication in the VPN and web sites across the world. The design flaw in the program makes the information that seats in the resident memory exposed to the hacking. The information itself may contain user’s credentials including credit card numbers as well as private keys of your file server that are being used for encrypted communication.
This flaw may impact many communication systems that use VPN, SSL, Cisco IP phones, VMWare servers. We all appreciate when the flaw if discovered BEFORE actual attacks occur, so, this time it was a timely message to the world community, and most of the vendors applied the fix or workarounds.
There are few workarounds suggested:
Perhaps, you can test if your site is vulnerable by using the following URL from Qualys SSL Lab: https://www.ssllabs.com/ssltest/
Below is the result of the test with RTEK2000.com site: