The Heartbleed bug exposes a flaw in OpenSSL, a cryptographic tool that provides communication security and privacy over the Internet for applications such as e-mail, instant messaging and some VPNs. Many organizations have made progress in remediating the risks of the vulnerability. Security experts say internal systems that are using vulnerable versions of the OpenSSL software are still vulnerable. The complexity of exploits is a daunting measure of how big we face, one security expert says. The U.S. Department of Homeland Security is working to create a similar infrastructure for similar bugs.”]
Source: https://www.cuinfosecurity.com/heartbleed-bug-what-risks-remain-a-6872