Video Screencast Help
Search Video Help Close Back
to help

Website Security Solutions

Showing posts in English
Differentiating Partners with the Highest Value in Enablement and Sales Opportunities
Charla Bunton-Johnson | 09 Feb 2013 | 0 comments

Channel Partners are always looking for new ways to differentiate their business so that they can offer the highest value to their customer base by providing best-in-class security solutions. Alignment with the right channel vendor(s) is crucial for partners to stay ahead of the market and evolve their businesses over time to solve business challenges.

Enter Symantec.  Symantec Website Security Solutions delivers industry-leading SSL, a world-class partner program, and compelling enablement that empowers partners with a more efficient time to market offering a profitable robust portfolio providing a right-sized solution for every client’s website security need and market level in today's dynamic threat landscape.

Today, Symantec announced Website Security Partner Program enhancements that will empower partners with the highest value in enablement and sales opportunities:

Read more
10 Safe Surfing Tips for Safer Internet Day 2013
Jimmy Edge | 05 Feb 2013 | 0 comments

This year marks the 10th anniversary of Safer Internet Day. The theme for this year is ‘Connect with Respect’, and one of the big issues we wanted to focus on at Symantec Website Security Solutions is ‘cyberbullying’, which can happen across all devices and age groups, although it is particularly prevalent among younger people.

It’s important for adults to educate their children about how to minimize the chances of getting caught up in cyberbullying, so our colleagues at  Norton have put together the following top 10 tips for parents and care givers to ensure young people remain protected online:

  1. Don’t give out your personal information – Don’t put personal details such as your home address, telephone numbers or parent’s work address online as cybercriminals can use this information to create a fake profile with your details
  1. What...
Read more
Security threats – staying safe
Jimmy Edge | 24 Jan 2013 | 0 comments

POISONED CHALICE

Sometimes, it seems that new ways of attacking an organisation’s online security are shooting up faster than Jack’s beanstalk. Some are relatively easy to defend yourself against; others are quite disturbing in their intricacy and powers of deception.

In our social media saturated world, one particularly worrying development has been SEO poisoning, also known as search poisoning. You may have come across it – though, I hope not. This is an attack method in which cybercriminals create malicious websites and use search engine optimisation tactics to make them show up prominently in search results. The sites are associated with terms that large numbers of people are likely to be using in searches at any given time, such as phrases related to holidays, news items and viral videos. According to Symantec’s researchers, many...

Read more
“Danger: Malware Ahead!- Please, Not My Site”
Leelin Thye | 17 Jan 2013 | 0 comments

In the article “Google Flags Ad Network Isocket for Alleged Malware; Chrome Blocks TechCrunch, Cult of Mac, others (Updated)”,[1] a large number of popular sites using a prominent advertising network was affected when  their sites were blocked by Google on suspicion of containing malware. Regardless whether the action was a result of false positive reading or not, the financial impact to advertising networks and their client sites is high when users are unable to access the websites and see a “Danger: Malware Ahead!” warning.  Business is disrupted and brand reputation compromised.

On the other hand...

Read more
Faulty Encryption Could Leave Some Android Apps Vulnerable
Brian Wall | 16 Jan 2013 | 0 comments

A team of university security researchers claims that 41 Android applications downloaded by as many as 185 million users are plagued by faulty encryption and inadequate SSL protection that leak data between a device and webservers.

If the vulnerability was ultimately exploited, it would allow malicious hackers to steal data related to online banking, social network credentials, email, instant message content and more. In addition, the faulty SSL protections in one of the affected apps - an antivirus application - can make data vulnerable to theft on Android devices running Ice Cream Sandwich (Android 4.0).

Interestingly, the researchers refrained from specifying particular apps with alleged faulty protection, but...

Read more
Welcome to the start of the 2013 Tax Fraud/Scheme Season
Jeannie Warner | 21 Jan 2013 | 3 comments

We're looking at a bumper crop of online frauds, cons, ID thefts, and check stealing this year. Some of them can steal your returns, others cost you your life savings or money you have not even begun to earn. As your W-2s come in, here are some simple pointers to remember about filing and online opportunities as well as methods for avoiding theft of multiple kinds.

  1. First and most important - the IRS will never email you. Ever. If you get an email from the IRS or EFTPS (Electronic Federal Tax Payment System), forward it to phishing@irs.gov and do not respond!
  1. Beware fake Tax preparation companies.  Never enter information online unless you see HTTPS: or a green bar in the URL, and look for the Preparer Tax identification Number (PTIN) on your return. You should always receive a copy of your tax return, and a reputable tax service should never do your taxes for a percentage of the refund....
Read more
Navigating the global threat landscape for online businesses
Jimmy Edge | 14 Jan 2013 | 0 comments

Running an ecommerce site is a rewarding business. There are almost 2.5 billion people online, and the global consumer ecommerce market is worth around $1 trillion, which is nothing to be sneezed at.

But that opportunity also attracts criminals, which is why running any public-facing website is highly risky. The cost of cybercrime runs into the hundreds of billions each year, and in 2011, 403 million unique variants of malware were discovered, according to Symantec's Internet Security Threat Report.

That's not just stolen money we're talking about – you also need to factor in compensation payments, the time and manpower it takes to clean up after a successful attack, and the massive impact that systems breaches...

Read more
Why your choice of a Certificate Authority matters in the long run
FranRosch | 08 Jan 2013 | 0 comments

By now you’re probably aware of the Turkish Certificate Authority that had mistakenly issued two intermediate CA certificates to two organizations in Turkey. With these trusted intermediate certificates, the two organizations, a Turkish bank and a Turkish government transportation agency, had the ability to issue fraudulent or unauthorized certificates for domains that they do not control. In this instance, a rogue, wildcard certificate was issued for google.com without permission from Google.

 According to the certificate authority, TURKTRUST, this incident occurred during a software migration in August 2011. In a statement released by the CA, the certificate profiles of the intermediate certificates in question were moved to a production server. This led to intermediate CA certificates being issued without the CA realizing what had happened. Google identified the rogue certificate on their domain on December 24th. Since then the bad intermediate certificates...

Read more
No time to be in denial!
Brian Wall | 19 Dec 2012 | 0 comments

DDoS (Distributed Denial-of-Service) attacks on SSL secured services are on the rise and becoming increasingly aggressive – no wonder, therefore, that these are getting more and more attention, as anxieties rise.

The upshot, when it comes to social media in particular, is that high profile services have rushed to embrace SSL (Secured Socket Layer) at its highest level, so as to improve security and address privacy concerns, while protecting transactions and services. After all, none of them wants to be the site that reveals your most personal details to hackers.

If you’re not fully yet familiar with DDOS and its implications, it’s worth knowing the kinds of havoc they can cause and why those extreme levels of protection need to be in place. So here’s a quick overview that may help you to avoid suffering a denial of service in your own workplace.

In a...

Read more
Microsoft goes Always On with EV for Outlook.com
FranRosch | 18 Dec 2012 | 0 comments

On Tuesday, Microsoft announced that they have just upgraded their entire Outlook.com mail environment to an Always On SSL experience, protected by Extended Validation (EV).  This means that all of the user’s data is protected via 2048-bit encryption - not just the log on page - on Outlook.com, as well as Hotmail, and Live.

This is a big deal. Always-On SSL is the most recommended way for any kind of social media to be enabled for user security.  When a site is completely hosted over HTTPS, the user is much better protected from attacks and surveillance.  For example, on sites without Always On SSL, although the logon would be encrypted, if the subsequent pages are not protected by HTTPS the cookie with the login credentials could be intercepted and used for malicious purposes.

The dangers of...

Read more