Responding to CVE-2014-0160 (Heartbleed)
Incident Report for AgileMD
Resolved
This incident has been resolved.
Posted Apr 09, 2014 - 01:07 PDT
Monitoring
We've deployed various countermeasures for CVE-2014-0160 (a.k.a. the Heartbleed bug) and are monitoring our platform for any unusual activity. All services have been fully restored.
Posted Apr 08, 2014 - 22:32 PDT
Identified
In response to CVE-2014-0160 (a.k.a. the Heartbleed bug) we are rotating all keys and tokens used throughout our architecture, starting with SSL. Generally speaking, members will not observe any disruption to service except for those purchasing new content in the AgileMD Library. Until further notice, all paid transactions have been suspended.

For additional information about CVE-2014-0160 see http://aws.amazon.com/security/security-bulletins/aws-services-updated-to-address-openssl-vulnerability and http://heartbleed.com
Posted Apr 08, 2014 - 12:43 PDT