Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Website Security Solutions

Showing posts in English
geoffnoakes | 29 Aug 2013 | 0 comments

Facebook announced on July 31st that they have implemented https as default for all of their users. This means that almost all traffic to www.facebook.com and 80% of traffic to m.facebook.com will be using a secure connection. This is both a significant accomplishment for Facebook, who first made the option of using https available two years ago, but it is also great news for their users. When users log into Facebook and see https in the URL, the information they share is encrypted by a Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate. One of the most significant challenges Facebook faced in the implementation of default https was the impact on performance. Moving from http to https is much more complex than it might appear, and it is not simply re-rerouting from http to the https. SSL...

Andy Horbury | 21 Aug 2013 | 0 comments

Ciphers have been in use since around 3,000B.C., but their importance and relevance for information security has really come to the mainstream with the growth of the Internet and the escalating volumes of data exchanged on line every day.

The history of ciphers and encryption is a compelling one – being a constant battle between encryption by cryptographers and decryption by cryptanalysts. That has brought repeated cycles of development of a cryptographic algorithm, attempts to break it, followed by a new cipher algorithm to replace the obsolete ones.

14717-Symantec-VA-header-660x200.jpg

And that battle goes on today, with the big focus now on preventing keys from being factored/hacked. Most of us will no doubt have come into contact with the RSA algorithm in our...

Quentin Liu | 19 Aug 2013 | 0 comments

A few weeks ago at Black Hat 2013 in Las Vegas, there was a particularly interesting presentation entitled, “The Factoring Dead: Preparing for the Cryptopocalypse.” Here at Symantec, we found the topic particularly interesting. Tthe presentation touched on a key topic that we would like to highlight. RSA is a tried and true algorithm and pervasive throughout the ecosystem and there is no reason to mistrust it. This year the industry is moving from RSA 1024-bit certificates to 2048-bits based on NIST recommendations, as the compute power available to bad actors makes a brute force attack on 1024 bit keys increasingly practical. However, what the article mentioned was that recent advances in technology and mathematics have questioned whether this natural balance of bit length versus compute power has a third variable that could make RSA more vulnerable to factoring within 2-5 years. The presenters indicated that the Elliptic-curve cryptography, or the ECC algorithm, is...

Amer Sethi | 15 Aug 2013 | 1 comment

E-commerce is on a massive upward trajectory in the Middle East and North Africa (MENA) region. According to a recent report issued by Visa[1], nowhere else in the world is growing as fast: MENA experienced a 45% increase in 2012, compared to the previous year, with transactions soaring from $10 to $15 billion.[2] The fastest growing markets

For retailers who have tended to ignore or avoid this market, in favour of others that have seemed both more stable and lucrative, those figures are bound to make them think again. This is fertile territory and many of their rivals are now clearly reaping the rewards to be had there. So expect to see competition hotting up!

What are people buying online right now and how can the MENA region overcome some fundamental factors to drive growth even higher? The popular and growing areas for e-commerce right now are banking, paying...

Andy Horbury | 05 Aug 2013 | 1 comment

What a summer of sport it has been. We’ve witnessed in our millions the British & Irish Lions rugby team triumphing in the Rugby Union Test series in Australia; Chris Froome winning the 100th edition of the Tour de France; Missy Franklin taking a record sixth gold at the Swimming World Championships in Barcelona; the Miami Heat winning the NBA finals; and finally, for the first time in 77 years, a Brit claiming the Wimbledon men’s singles tennis title!

All of which is to say that nothing captures the public imagination quite like a major gathering, be that a sporting encounter or music festival, such as Glastonbury. And that is certainly true also of the IAAF World Athletics Championships in Moscow (10-18 August) where elite athletes from all over the globe will compete. Who wouldn’t want to be there to witness the outstanding battle of wills and talent out on the field and track? Who wouldn’t want to grab tickets fast before they all disappear?...

Andy Horbury | 29 Jul 2013 | 0 comments

Nick D'Aloisio hit the headlines recently by selling his Summly app to Yahoo for an estimated £18 million, which is not bad at all when you consider he is still a teenager.

So now you are hoping to emulate him. Fine. But first, although this may be stating the blindingly obvious, you need an idea. Let me rephrase that: you need a very good idea. But that doesn’t mean it’s just a very good idea to you. Other people need to think so, too, and not just your best mates, your parents, or devoted partner. I mean people you don’t know who would be willing to fork out their money for your app only after you’d convinced them it was worth every penny and a bit more. That, after all, is the ultimate test of anyone’s sincerity when it comes to doing business.

They do like it and would buy it? Great. But have you...

Andy Horbury | 25 Jul 2013 | 1 comment

There are deep and disturbing sides to the Internet where businesses should fear to tread, if they want to keep themselves safe. So called ‘dark’ search engines, for example, certainly need to be approached with extreme caution.

Take Shodan, a search engine that navigates the Internet's back channels. It's akin to a ‘dark’ Google, helping hackers to find out the servers, webcams, printers, routers, systems, networks etc… that are vulnerable to tampering.

Shodan has been designed to help users track down certain types of software and hardware, determine which applications are most popular, identify anonymous FTP servers, or investigate new vulnerabilities and what hosts they could infect. All good stuff and useful to know. But Shodan also serves as a window into millions of unsecured online connections; and you definitely wouldn’t want those connections to be yours. It...

Brook R. Chelmo | 24 Jul 2013 | 0 comments

As you search, and surf online; from time to time you may well come across a warning from your browser saying the site contains malware or perhaps that the connection is untrusted.  A recent study from UC Berkeley and Google, called Alice in Warningland, indicates that many of us choose to ignore these warnings on a daily basis. So if you do encounter these warnings what should you do?  What do they mean?  Let me guide you quickly through these and give some solid advice for staying safe online. 

 

The Website Ahead Contains Malware (Chrome); Reported Attack Page (Firefox)

Response:  STOP! Do Not Proceed!

What this means:  The site or individual page has been infected with Malware. Malware is malicious software that can do a variety of things most of them bad so you...

Jeannie Warner | 22 Jul 2013 | 0 comments

Videos are hot these days. People are posting home-made videos of everything from their cats to romantic rants or new songs. Some clever companies are starting to use customer video feedback for social outreach as well, hooking into this new viral craze. Sports fans like me have seen the competitions for the best customer-made commercial on TV, and looked up our favorites on YouTube.  

However, with all these videos being created, it creates a new vector for virii or other malware to be downloaded when people view the clips. It's clear that videos and testimonials are important to the future of marketing and social media, so what remains is a clear need to create, upload, and share videos more securely.

Buzztala, one of Symantec's partners, has created a Social Video Platform to work with businesses that want to let customers upload videos, testimonials, and other social networking content. Buzztala is running SSL on their hosting platform, and adds the...

Andy Horbury | 18 Jul 2013 | 0 comments

14717-Symantec-WSTR-header-660x200.jpg

We recently published Symantec’s Website Security Threat Report which contains a huge amount of information on the security threat landscape. In this series of blog posts we will focus on topics such as the re-emergence of phishing, the rise of malware and what you need to be aware of to keep your work and personal life secure.

Starting with Phishing…Over the past few years there has been a slight change to the type of phishing attacks we’ve seen. As sites such as Facebook and Twitter have grown in popularity, they have drawn the attention of the cybercriminal fraternity and we’ve seen a significant increase in spam and phishing...