The Heartbleed bug was fully disclosed to the Internet on April 7, 2014, but the root cause of the problem was introduced to the OpenSSL platform two years ago. US-CERT outlines the issue perfectly in its advisory. The vulnerability itself can be classified as a critical information disclosure issue. There have been reports that this vulnerability can be used to amplify traffic and trigger a DDoS, and to expose application configuration files, including the connection strings where database usernames and passwords are clearly visible. CSO has compiled the following information in order to help administrators and security teams understand the issue.

