Video Screencast Help
Website Security Solutions
Showing posts in English
Brian Wall | 19 Dec 2012 | 0 comments

DDoS (Distributed Denial-of-Service) attacks on SSL secured services are on the rise and becoming increasingly aggressive – no wonder, therefore, that these are getting more and more attention, as anxieties rise.

The upshot, when it comes to social media in particular, is that high profile services have rushed to embrace SSL (Secured Socket Layer) at its highest level, so as to improve security and address privacy concerns, while protecting transactions and services. After all, none of them wants to be the site that reveals your most personal details to hackers.

If you’re not fully yet familiar with DDOS and its implications, it’s worth knowing the kinds of havoc they can cause and why those extreme levels of protection need to be in place. So here’s a quick overview that may help you to avoid suffering a denial of service in your own workplace.

In a...

FranRosch | 13 Dec 2012 | 0 comments

On Tuesday, Microsoft announced that they have just upgraded their entire Outlook.com mail environment to an Always On SSL experience, protected by Extended Validation (EV).  This means that all of the user’s data is protected via 2048-bit encryption - not just the log on page - on Outlook.com, as well as Hotmail, and Live.

This is a big deal. Always-On SSL is the most recommended way for any kind of social media to be enabled for user security.  When a site is completely hosted over HTTPS, the user is much better protected from attacks and surveillance.  For example, on sites without Always On SSL, although the logon would be encrypted, if the subsequent pages are not protected by HTTPS the cookie with the login credentials could be intercepted and used for malicious purposes.

...

Brian Wall | 05 Dec 2012 | 0 comments

Attacks using malware – eg, malicious software embracing everything from computer viruses, worms, Trojan horses, spyware adware and other malicious programs –have reached epidemic proportions. Ask around your office now, or your social networking friends, and someone will have experienced such an event or know someone who has.

Have you been hit, for example, by the Dorkbot worm?  It caused havoc for untold numbers of Facebook and Twitter users, and has since been socially engineering Skype users into downloading the malware, whose payload includes a mechanism to lock down machines.

It delves through an infected Skype user's contact list and sends out the message: ‘Lol is this your new profile pic?’ in English and a similar greeting in German. Clicking on the link opens a .zip file that contains ‘skype_02102012_image.exe’. So far, so bad. Unzipping the file then opens a...

Jimmy Edge | 29 Nov 2012 | 2 comments

Making online payments for everything from gig tickets to major sporting events is one of the most convenient benefits of the internet revolution.

However, often the price is not as convenient if going through recognised channels, and it can be mightily tempting to seek out lower prices from sources that you have not used before. This could be a very risky move though.

An alarming 1 in 10 people within the UK have apparently fallen victim to scams whilst paying for tickets/products online.

Below, we have looked at a few ways in which you can stay as secure as possible when making online payments:

  1. Double check all details of your purchase before confirming the payment instruction. It sounds simple, but it is possible that you could have missed something...
Jimmy Edge | 28 Nov 2012 | 0 comments

As social networking begins to shrink the world and attract users by the billion, you won’t be surprised to hear that the hacker sharks are out there amongst them, and that they are starting to indulge in a feeding frenzy.

Recent investigations have detected a huge black market for social network fraud. Moreover, about one third of discussions in one particular hacker forum focused on training and tutorials for data theft techniques, such as SQL injection (a technique often used to attack a website) – and yet industry analysts estimate that less than 5% of IT budgets include products to mitigate attacks in the data centre. 

How does your organisation stack up against that percentage? And how much of a threat do these cyber criminals pose to you personally and, in the wider context, the business you work for? The answer has to be: a massive threat – especially when the hacker forum in question that was infiltrated contained around a quarter of a...

Brad | 26 Nov 2012 | 0 comments

With Thanksgiving approaching, the holiday season is once again upon us. While most of us consider the holiday season to give thanks and spend precious time with family and friends, we will also spend a considerable amount of money online. Nearly 120 million Americans will shop online the Monday following Thanksgiving. The growth in online spending isn’t isolated to the US, it is increasing globally. With this rise in online shopping comes an increase in cyber crime.

As more people go online worldwide, individuals are increasingly becoming targets for fraudsters and cyber-criminals. According to the 2012 Norton Cybercrime Report, cybercrime claims 556 million victims each year. Both businesses and consumers are victims of malware, phishing and malvertising threats. 

We all know how important it is to ensure that your network is secure, not only for the sake of business continuity...

Rick Andrews | 26 Nov 2012 | 1 comment

It doesn’t take a crystal ball to predict that 2013 will press the limits of the mobile infrastructure.  The sales of smart phones and tablets are through the roof, and apps are being written at a fast pace. This is a boon for many, bringing the internet and cloud applications to the hands of users all over the world, who may not own a computer or have ISP service, but do own a phone.

In the race to be part of the mobile rush however, fast app development is often more valued than a well thought out and secure application.  As a result, SSL/TLS app failures can result in broken, disabled or nonexistent validation behind the scenes of mobile applications.  SSL is the backbone technology for secure connections between the app and the cloud, but without proper certificate handling by the developers it’s still vulnerable to attacks by outsiders. This core vulnerability presents a real danger, and it’s imperative that the app developer learn how...

Jeannie Warner | 15 Nov 2012 | 0 comments

An SSL/TLS Certificate, which website visitors see by the HTTPS:// prefix in the address bar of your browser lets you know that the site you are visiting has been authenticated, and any information you share with that site is encrypted. Knowing that a site is legitimate and secure is especially important with holiday shopping season upon us, where scam sites spring up like snowmen only to melt away with your money.

Symantec takes its responsibility as a certificate authority seriously. It is very important that we do not issue SSL certificates to questionable organizations. Any website with a Symantec SSL certificate has gone through strict authentication practices and procedures. There are also some very firm processes for revoking certificates, or not renewing certificates if there is an issue with an organization. In fact, on average 6-8% of requests for new certificates and renewals are declined. That means Symantec denies tens of thousands of requests every year, as...

Brian Wall | 15 Nov 2012 | 5 comments

Apps it seems are everywhere now, and they continue to spread like wildfire. It’s a ‘technology on the go’ world we inhabit, where we are using apps for everything from social media, banking, gaming, making payments and a host of other things, at any time or day of the week. The convenience afforded by smart phones and other mobile devices have fast become the platform for serious business and consumer alike.

Global mobile app store downloads are forecast to surpass 45.6 billion in 2012, with free downloads accounting for 40.1 billion (89%) and paid-for downloads totalling 5 billion, according to research analysts Gartner.

So it’s alarming to hear that some Android developers are failing abysmally when it comes to...

Jimmy Edge | 08 Nov 2012 | 0 comments

The FBI has issued a stark warning to all users of Android smartphones to be on their guard against the potential for malware attacks.

An increasing amount of confirmed attacks are being traced back to Android devices, according to a new report.

The report, compiled by the Internet Crime Complaint Centre, suggested that it had become aware of numerous malware attacks, FinFisher and Loozfon among the most prevalent, which are specifically targeting Android smartphones.

The scale of the attacks is quite varied according to the report. In some cases it is as serious as the device being significantly infected to the point where it has been taken over. Other cases reported contacts being stolen from the address books of users.

It is particularly worrying to hear that FinFisher has been cited in a number of these attacks. The sophisticated technology which makes up the FinFisher spyware allows Android devices to...