Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Website Security Solutions
Showing posts in English
Christaine Buemberger | 12 Dec 2013 | 0 comments

More and more software developers in the UK and US are looking to Eastern Europe to get their code written. After all, it can be done far more cheaply there, as well as offering an abundance of choice. Indeed, code writing ‘houses’ in Eastern Europe are proliferating in response to this demand – from one-man bands to sizeable operations. So any developer intent on keeping their costs down, and often along with the promise of a quick turnaround, has the perfect scenario for having their software code written there, right?

Not necessarily. Because cheap is not good if the code that’s written becomes compromised in any way. And when you, the developer, are possibly thousands of miles away from whoever is writing your code, you need to be even more sure of those into whose hands you are entrusting this process.

Certainly, there are many highly reputable enterprises in Eastern Europe that provide this service and deliver to the highest standards. But this is also a region...

Andy Horbury | 06 Dec 2013 | 0 comments

I’d like to share two webinars with you that we delivered this week

The first was Attack of the Cyber Spies a webinar delivered as part of BrightTALK’s Hackers Summit which you can access here.

The second is the December update of the regular webinar series I do with my colleague Andrew Shepherd: Website Security Threats: December Update

I've also posted both webinar slide decks to Slideshare here

Finally, I’d also like to share this blog posted by Tom Powledge who is the VP of the Website Security Solutions division here at Symantec Keeping Your Data Safe with SSL

We'll be back next week with some new blogs.

Tom Powledge | 05 Dec 2013 | 0 comments

There's been plenty in the news recently regarding encryption and SSL – which has led some people to wonder how safe the technology really is.  As the leader of Symantec's Trust Services Products & Services organization, I want to assure you that SSL is safe.  Below is some information that may help you understand why, and also inform you about the current state of SSL security.

First, the fundamental key strength of RSA 2048-bit certificates is solid and without question.  Independent cryptography experts have confirmed this, and highly-respected publications such as the MIT Technology Review have published articles on the subject.  As always, organizations that use SSL should make sure they use the strongest algorithms available.

Customers of SSL certificates should take specific actions...

Amer Sethi | 04 Dec 2013 | 0 comments

As we wrote in our previous blog The Middle East and North Africa (MENA) region is basking in the joys of booming economic growth.

These are exciting times however, that said, such success also has its downsides. While e-commerce is on a rapid upward trajectory – particularly in the banking and travel sectors – it has made many MENA businesses highly attractive to the cybercriminals, who are out to cash in on any vulnerabilities they can exploit.

Just how open to the cybercriminals the region is can best be exemplified by the targeting of its oil and gas sector. Last year, it was the victim of a hacker attack known as Shamoon (aka W32.Disttrack), which is capable of wiping files and rendering several computers on a network unusable. Saudi Arabia's national oil company Saudi Aramco itself came under fire, with 30,000 of its computers knocked out, resulting in its own network...

Aija Pekkarinen | 28 Nov 2013 | 0 comments

In the past year we have seen a number of security related stories in the Finnish media.

Spring saw one of the Nordic region's largest banks forget  to renew the SSL certificate that secured their new online banking site. This unfortunately is not a rare phenomenon ,and companies such as Google , Twitter, and LinkedIn have all experienced similar certificate expiry issues. Consumers are advised, however, to be cautious online and pay heed to warning messages they see in their web browsers. My colleague Andy Horbury wrote about a similar incident recently.

Another blunder highlighted in the press happened a few weeks after, when the Certificate Authority used to issue certificates on some local government sites advised users that the site they were visiting was no longer to be trusted. This was simply due to the fact that they had used a CA whose root certificate was not...

Jimmy Edge | 20 Nov 2013 | 0 comments
This blog post is based on the ‘Knowledge is Power: Symantec Guide to Protecting your Website’ whitepaper which is free to download now.

In 2012 Symantec performed more than 1,400 website vulnerability scans each day. More than half the websites scanned were found to have unpatched, potentially exploitable vulnerabilities.

Of the vulnerable sites, a quarter were actually infected with malware that could infect visitors and lead to the sites being blacklisted by search engines. These figures show that millions of legitimate websites are at risk from serious attack and exploitation by internet criminals every day.

When malware does find its way onto a website it can attack in three ways; accessing the information held on a server, intercepting information passed between the website and its customers (unless the website uses an up to date...

Jimmy Edge | 14 Nov 2013 | 0 comments
This blog post is based on the new Symantec Website Security Solutions free white paper, The Power to Destroy: How Malware Works which pulls together statistics from across Symantec’s global security network. The white paper is available in French, German, Spanish and Italian.

If you own or run a website, did you know that the website itself could be the target of cyber criminals who can breach the site and use it as a tool to spread malware and infect your customers’ devices?

Certain weaknesses or vulnerabilities in your website, such as unpatched servers and cross-site scripting, can lead to security breaches which have been known to cost...

Andy Horbury | 07 Nov 2013 | 0 comments

While we rush online to buy gifts for our nearest and dearest, scammers are looking to make their wage from your online mistakes. Learn how to stay safe online while doing your Christmas shopping this holiday season.

‘I’m dreaming of a safe holiday season’

What you need to know this holiday season to stay safe online

It’s that time again… the familiar all-out drive by retailers everywhere to capture their share of shoppers’ seasonal spend as we rush to snap up gifts for our nearest and dearest. While online retailers are hoping we get online and buy, so too are the cybercriminals.

The latter are no doubt already gearing up to take full advantage of our good cheer, as they unleash the scams and malware that will turn celebration into commiseration for far too many of us. With online shopping becoming an essential way for us to buy our holiday season gifts, never have the prospects for bumper festive takings looked so...

Andy Horbury | 05 Nov 2013 | 0 comments

For anyone intent on finding out exactly what the worldwide impact of cybercrime is now – and the price we are all paying as it penetrates every corner of the global markets – there can be no better starting point than the 2013 Norton Cybercrime Report[1].

The findings are both eye-opening and deeply concerning. According to the report, some 1 million-plus adults become cybercrime victims every single day and, if you break that down, it equates to a staggering 12 victims per second.

This annual report, commissioned by Symantec[2], is focused on understanding exactly how cybercrime affects consumers (more than 13,000 adults across 24 countries took part in the 2013 survey) and how the adoption and evolution of new technologies impacts their overall security.

And what an impact that turns out to be, with the global price tag of consumer cybercrime now topping US$...

Stefano Rebulla | 10 Oct 2013 | 1 comment

Stefano Rebulla, Senior Account Manager – Continental Europe

On a regular basis questions arise such as: “Why are your authentication procedures so complicated? Why is it so difficult to get my certificate or account vetted?”

These are questions that I’ve heard quite a few times, having been in a sales role at Symantec for several years. I would like to share a few insights based on my experiences.

First, however, before I start, full disclosure : As a salesperson, I want to close deals as quickly as possible and sometimes the vetting process of a customer creates a delay I am not happy about. However, there are very good reasons why it has been defined this way, one of which is to prioritize your security and that of the entities doing business with you (be it people or other companies) above all else...