Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts in English
Jimmy Edge | 28 Nov 2012 | 0 comments

As social networking begins to shrink the world and attract users by the billion, you won’t be surprised to hear that the hacker sharks are out there amongst them, and that they are starting to indulge in a feeding frenzy.

Recent investigations have detected a huge black market for social network fraud. Moreover, about one third of discussions in one particular hacker forum focused on training and tutorials for data theft techniques, such as SQL injection (a technique often used to attack a website) – and yet industry analysts estimate that less than 5% of IT budgets include products to mitigate attacks in the data centre. 

How does your organisation stack up against that percentage? And how much of a threat do these cyber criminals pose to you personally and, in the wider context, the business you work for? The answer has to be: a massive threat – especially when the hacker forum in question that was infiltrated contained around a quarter of a...

Brad | 26 Nov 2012 | 0 comments

With Thanksgiving approaching, the holiday season is once again upon us. While most of us consider the holiday season to give thanks and spend precious time with family and friends, we will also spend a considerable amount of money online. Nearly 120 million Americans will shop online the Monday following Thanksgiving. The growth in online spending isn’t isolated to the US, it is increasing globally. With this rise in online shopping comes an increase in cyber crime.

As more people go online worldwide, individuals are increasingly becoming targets for fraudsters and cyber-criminals. According to the 2012 Norton Cybercrime Report, cybercrime claims 556 million victims each year. Both businesses and consumers are victims of malware, phishing and malvertising threats. 

We all know how important it is to ensure that your network is secure, not only for the sake of business continuity...

Rick Andrews | 26 Nov 2012 | 1 comment

It doesn’t take a crystal ball to predict that 2013 will press the limits of the mobile infrastructure.  The sales of smart phones and tablets are through the roof, and apps are being written at a fast pace. This is a boon for many, bringing the internet and cloud applications to the hands of users all over the world, who may not own a computer or have ISP service, but do own a phone.

In the race to be part of the mobile rush however, fast app development is often more valued than a well thought out and secure application.  As a result, SSL/TLS app failures can result in broken, disabled or nonexistent validation behind the scenes of mobile applications.  SSL is the backbone technology for secure connections between the app and the cloud, but without proper certificate handling by the developers it’s still vulnerable to attacks by outsiders. This core vulnerability presents a real danger, and it’s imperative that the app developer learn how...

Jeannie Warner | 15 Nov 2012 | 0 comments

An SSL/TLS Certificate, which website visitors see by the HTTPS:// prefix in the address bar of your browser lets you know that the site you are visiting has been authenticated, and any information you share with that site is encrypted. Knowing that a site is legitimate and secure is especially important with holiday shopping season upon us, where scam sites spring up like snowmen only to melt away with your money.

Symantec takes its responsibility as a certificate authority seriously. It is very important that we do not issue SSL certificates to questionable organizations. Any website with a Symantec SSL certificate has gone through strict authentication practices and procedures. There are also some very firm processes for revoking certificates, or not renewing certificates if there is an issue with an organization. In fact, on average 6-8% of requests for new certificates and renewals are declined. That means Symantec denies tens of thousands of requests every year, as...

Brian Wall | 15 Nov 2012 | 5 comments

Apps it seems are everywhere now, and they continue to spread like wildfire. It’s a ‘technology on the go’ world we inhabit, where we are using apps for everything from social media, banking, gaming, making payments and a host of other things, at any time or day of the week. The convenience afforded by smart phones and other mobile devices have fast become the platform for serious business and consumer alike.

Global mobile app store downloads are forecast to surpass 45.6 billion in 2012, with free downloads accounting for 40.1 billion (89%) and paid-for downloads totalling 5 billion, according to research analysts Gartner.

So it’s alarming to hear that some Android developers are failing abysmally when it comes to...

Jimmy Edge | 08 Nov 2012 | 0 comments

The FBI has issued a stark warning to all users of Android smartphones to be on their guard against the potential for malware attacks.

An increasing amount of confirmed attacks are being traced back to Android devices, according to a new report.

The report, compiled by the Internet Crime Complaint Centre, suggested that it had become aware of numerous malware attacks, FinFisher and Loozfon among the most prevalent, which are specifically targeting Android smartphones.

The scale of the attacks is quite varied according to the report. In some cases it is as serious as the device being significantly infected to the point where it has been taken over. Other cases reported contacts being stolen from the address books of users.

It is particularly worrying to hear that FinFisher has been cited in a number of these attacks. The sophisticated technology which makes up the FinFisher spyware allows Android devices to...

Jimmy Edge | 05 Nov 2012 | 0 comments

Reports earlier this month that Facebook had reached the landmark of 1 billion users certainly demonstrated just how big the social network phenomenon has become.

However, as the world’s most popular website just seems to get bigger and bigger, it is also more important than ever to be on the guard against hackers who can access your personal information.

Common sense is probably your biggest asset against the threat of cyber criminals, but there are also a few simple tips you can follow to give yourself maximum protection:

  1. Be ultra-careful with any friends that you add. Accepting someone as a friend gives them full access to your page, so make sure you know who you’re adding rather than mindlessly accepting all requests.
  2. Remember that most options can be disabled if you don’t need them or don’t want to use them. This is another element that gives you added control over your own page.
  3. Don’t start believing...
FranRosch | 01 Nov 2012 | 0 comments

I’m very pleased to announce that as of today Symantec has wholly acquired VeriSign Japan, a long time business partner, solidifying our investment and commitment to growing our business in Japan. This acquisition achieves three key goals that help benefit customers in the local Japanese market:

  • We will expand VeriSign Japan’s current SSL offerings by providing full website security solutions, including Website Malware Scan, Vulnerability Assessment and Seal-in-Search functionality.
  • VeriSign Japan customers now benefit from the combined resources of the existing local team and Symantec’s global expertise.
  •  Organizations in Japan are now able to acquire identity and authentication security and website security solutions through a single vendor.

By bringing our two teams together, Symantec will help enable IT to confidently and securely adopt new computing models – from cloud computing to social networking to...

Rick Andrews | 30 Oct 2012 | 0 comments

SSL/TLS is technology that is critical for securing communications. The challenge facing the SSL ecosystem today is how it is being implemented and used. Several University researchers have recently published reports indicating errors and shortcomings in non-browser applications that act as the client of an SSL/TLS connection. These issues result from flawed implementations of SSL in the applications or in SDKs or APIs used by them. SSL Client non-browser applications should follow these best practices to ensure the high level of authentication, confidentiality and integrity promised by SSL remain intact.

A Developer must perform a number of checks, and the most important is to cryptographically validate that the end-entity certificate presented by the server is the expected certificate, or was signed by an expected certificate. In other words, the Developer must create a trusted and validated chain of certificates starting with the end-entity certificate and linking up to...

Jimmy Edge | 29 Oct 2012 | 0 comments

Thieves and hackers across the globe are using more and more sophisticated techniques to carry out credit card fraud in the modern world.

In India, they are currently trialling a new ‘virtual card’ system which means that using an actual credit card to make future purchases online could become a thing of the past. This is in response to persistent and widespread fraud problems in the country.

We all probably consider ourselves to be quite savvy when it comes to staying safe while using our cards, but there are a few simple rules that we can follow to be as safe as possible. Some of them might be obvious, but a couple might change your thinking on the issue completely.

1. Be ultra-careful with your credit card information. This applies to using your card online as well as avoiding unnecessary Facebook/Twitter posts (it really does happen!) that reveal your details. It’s also a good idea to avoid discussing any personal credit...