SimplerCloud Pte Ltd


News: Security Advisory: OpenSSL Man-in-the-Middle (MITM) Flaw

Published: 13/06/2014

We refer you to the new Man-in-the-Middle (MITM) vulnerability announced on 5 June 2014, described here, and confirm that all SimplerCloud systems are not affected.


Man-in-the-Middle (MITM) Vulnerability


Several new security vulnerabilities affecting the open source encryption library OpenSSL have been disclosed, just a couple of months after the discovery of the Heartbleed bug. One of them, the SSL/TLS Man-in-the-Middle (MITM) vulnerability, is deemed critical. It allows an attacker who manages to tap into the network used by an SSL user, e.g. a shared public network such as a wireless network, to decrypt and modify traffic from an attacked SSL client to an SSL server.

Actions Taken


We have patched all our customer-related systems, namely the account panel / portal server and the web server, and they are no longer affected by the newly discovered security vulnerabilities.

What you need to do


We advise customers who are running SSL on their servelets / servers to patch them as soon as possible. Ubuntu users just need to run "apt-get update" followed by "apt-get upgrade", and CentOS users "yum update", to install the latest version of the SSL libraries, which contains the patches. You need to reboot your servelets / servers for the changes to take effect.
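
The reboot matters because a running process keeps the old OpenSSL library mapped in memory after the package has been upgraded. The shell check below is an added example, not part of the original advisory: it lists processes that still map a replaced libssl / libcrypto file. The function names and the optional proc-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: find processes still using an OpenSSL library that has been
# replaced on disk. After a package upgrade the old file is unlinked, and the
# kernel marks every remaining mapping of it "(deleted)" in /proc/<pid>/maps.
# The optional first argument (a proc-style root) is an assumption of this
# example so the check can be run on a constructed directory; default /proc.

# Print the PIDs, one per line, that map a deleted libssl/libcrypto file.
stale_ssl_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # Mapping lines end with the file path; replaced files end " (deleted)".
        if grep -Eq 'lib(ssl|crypto)[^ /]*\.so[^ /]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            echo "${pid##*/}"
        fi
    done | sort -n
}

# Print one line per affected process; return 1 if any is found, else 0.
report_stale_ssl() {
    root="${1:-/proc}"
    pids=$(stale_ssl_pids "$root")
    if [ -z "$pids" ]; then
        echo "no process maps a replaced libssl/libcrypto"
        return 0
    fi
    for pid in $pids; do
        name=$(cat "$root/$pid/comm" 2>/dev/null || echo '?')
        echo "pid $pid ($name) still uses the old OpenSSL library"
    done
    return 1
}
```

Run report_stale_ssl as root after the upgrade, since reading another user's /proc/<pid>/maps requires it; any process it lists is still running the unpatched library until it is restarted or the machine is rebooted.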

You can engage our system administration service if you need our assistance in patching your servelets / servers. To order our system administration service, you can log in to our portal and go to Order > Additional Services > System Administration Work (Per Hour).

More information:

OpenSSL notification - http://www.openssl.org/news/secadv_20140605.txt
Fix for Ubuntu - http://www.ubuntu.com/usn/usn-2232-1/
Fix for CentOS / RedHat - https://rhn.redhat.com/errata/RHSA-2014-0625.html