Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts in English
Tom Powledge | 11 Sep 2013 | 0 comments

If you have any SSL certificates with less than 2048-bit keys, now is the time to upgrade. Why? Because the Certification Authority/Browser (CA/B) Forum and the National Institute of Standards and Technology have determined that any key length below 2048-bit is no longer strong enough. As computer power increases, anything less than 2048-bit certificates are at risk of being compromised by hackers with readily-available processing capabilities. The cybersecurity industry is moving to adoption of SSL certificates employing at least 2048-bit encryption to help preserve internet security.

As a result, these bodies have mandated that all CAs stop issuing 1024-bit certificates and revoke any certificates with key lengths below 2048-bit after Dec. 31, 2013. While that deadline is still months away, Symantec will revoke some certificates...

Jimmy Edge | 05 Sep 2013 | 0 comments


Last year saw a shift in website threats, with more targeted attacks emerging that were aimed at small and medium businesses. While website security should always be at the forefront of any online business, a new Symantec infographic emphasises the importance of paying attention to the findings and enforcing any necessary changes in the online presence of a SME so that they are less likely to become the victim of malicious threats.

The first part of the Infographic takes a look at some of the concerning figures that were seen last year, including the phenomenal 24 million identities that were stolen as a result of one breach of security...

geoffnoakes | 29 Aug 2013 | 0 comments

Facebook announced on July 31st that they have implemented https as default for all of their users. This means that almost all traffic to and 80% of traffic to will be using a secure connection. This is both a significant accomplishment for Facebook, who first made the option of using https available two years ago, but it is also great news for their users. When users log into Facebook and see https in the URL, the information they share is encrypted by a Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate. One of the most significant challenges Facebook faced in the implementation of default https was the impact on performance. Moving from http to https is much more complex than it might appear, and it is not simply re-rerouting from http to the https. SSL...

Andy Horbury | 21 Aug 2013 | 0 comments

Ciphers have been in use since around 3,000B.C., but their importance and relevance for information security has really come to the mainstream with the growth of the Internet and the escalating volumes of data exchanged on line every day.

The history of ciphers and encryption is a compelling one – being a constant battle between encryption by cryptographers and decryption by cryptanalysts. That has brought repeated cycles of development of a cryptographic algorithm, attempts to break it, followed by a new cipher algorithm to replace the obsolete ones.


And that battle goes on today, with the big focus now on preventing keys from being factored/hacked. Most of us will no doubt have come into contact with the RSA algorithm in our...

Quentin Liu | 19 Aug 2013 | 0 comments

A few weeks ago at Black Hat 2013 in Las Vegas, there was a particularly interesting presentation entitled, “The Factoring Dead: Preparing for the Cryptopocalypse.” Here at Symantec, we found the topic particularly interesting. Tthe presentation touched on a key topic that we would like to highlight. RSA is a tried and true algorithm and pervasive throughout the ecosystem and there is no reason to mistrust it. This year the industry is moving from RSA 1024-bit certificates to 2048-bits based on NIST recommendations, as the compute power available to bad actors makes a brute force attack on 1024 bit keys increasingly practical. However, what the article mentioned was that recent advances in technology and mathematics have questioned whether this natural balance of bit length versus compute power has a third variable that could make RSA more vulnerable to factoring within 2-5 years. The presenters indicated that the Elliptic-curve cryptography, or the ECC algorithm, is...

Amer Sethi | 15 Aug 2013 | 1 comment

E-commerce is on a massive upward trajectory in the Middle East and North Africa (MENA) region. According to a recent report issued by Visa[1], nowhere else in the world is growing as fast: MENA experienced a 45% increase in 2012, compared to the previous year, with transactions soaring from $10 to $15 billion.[2] The fastest growing markets

For retailers who have tended to ignore or avoid this market, in favour of others that have seemed both more stable and lucrative, those figures are bound to make them think again. This is fertile territory and many of their rivals are now clearly reaping the rewards to be had there. So expect to see competition hotting up!

What are people buying online right now and how can the MENA region overcome some fundamental factors to drive growth even higher? The popular and growing areas for e-commerce right now are banking, paying...

Andy Horbury | 05 Aug 2013 | 1 comment

What a summer of sport it has been. We’ve witnessed in our millions the British & Irish Lions rugby team triumphing in the Rugby Union Test series in Australia; Chris Froome winning the 100th edition of the Tour de France; Missy Franklin taking a record sixth gold at the Swimming World Championships in Barcelona; the Miami Heat winning the NBA finals; and finally, for the first time in 77 years, a Brit claiming the Wimbledon men’s singles tennis title!

All of which is to say that nothing captures the public imagination quite like a major gathering, be that a sporting encounter or music festival, such as Glastonbury. And that is certainly true also of the IAAF World Athletics Championships in Moscow (10-18 August) where elite athletes from all over the globe will compete. Who wouldn’t want to be there to witness the outstanding battle of wills and talent out on the field and track? Who wouldn’t want to grab tickets fast before they all disappear?...

Andy Horbury | 29 Jul 2013 | 0 comments

Nick D'Aloisio hit the headlines recently by selling his Summly app to Yahoo for an estimated £18 million, which is not bad at all when you consider he is still a teenager.

So now you are hoping to emulate him. Fine. But first, although this may be stating the blindingly obvious, you need an idea. Let me rephrase that: you need a very good idea. But that doesn’t mean it’s just a very good idea to you. Other people need to think so, too, and not just your best mates, your parents, or devoted partner. I mean people you don’t know who would be willing to fork out their money for your app only after you’d convinced them it was worth every penny and a bit more. That, after all, is the ultimate test of anyone’s sincerity when it comes to doing business.

They do like it and would buy it? Great. But have you...

Andy Horbury | 25 Jul 2013 | 1 comment

There are deep and disturbing sides to the Internet where businesses should fear to tread, if they want to keep themselves safe. So called ‘dark’ search engines, for example, certainly need to be approached with extreme caution.

Take Shodan, a search engine that navigates the Internet's back channels. It's akin to a ‘dark’ Google, helping hackers to find out the servers, webcams, printers, routers, systems, networks etc… that are vulnerable to tampering.

Shodan has been designed to help users track down certain types of software and hardware, determine which applications are most popular, identify anonymous FTP servers, or investigate new vulnerabilities and what hosts they could infect. All good stuff and useful to know. But Shodan also serves as a window into millions of unsecured online connections; and you definitely wouldn’t want those connections to be yours. It...

Brook R. Chelmo | 24 Jul 2013 | 0 comments

As you search, and surf online; from time to time you may well come across a warning from your browser saying the site contains malware or perhaps that the connection is untrusted.  A recent study from UC Berkeley and Google, called Alice in Warningland, indicates that many of us choose to ignore these warnings on a daily basis. So if you do encounter these warnings what should you do?  What do they mean?  Let me guide you quickly through these and give some solid advice for staying safe online. 

The Website Ahead Contains Malware (Chrome); Reported Attack Page (Firefox)

Response:  STOP! Do Not Proceed!

What this means:  The site or individual page has been infected with Malware. Malware is malicious software that can do a variety of things most of them bad so you definitely want to...