Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts tagged with SSL Certificates
Showing posts in English
Elliot_Samuels | 05 Mar 2014 | 4 comments

Do you have any intranet sites with a domain name like https://intranet.local? Or a mail server with an address like https://mail? These kind of internal-only domain names are very common but they pose a real problem.

SSL certificates on an intranet

Symantec and other Certification Authorities (CAs) and browser vendors, that make up the CA/Browser Forum have decided to stop issuing SSL certificates chained to a public root which cannot be resolved in the context of the public internet.

This means that domain names need to be globally unique and not just unique on your network. So if you have a .local domain that you use internally, you will soon no longer be able to purchase a validated SSL certificate for this name.

With the emergence of new gTLDs, such as .london, and the likelihood that many of the very common names used to identify server...

Andy Horbury | 27 Sep 2013 | 1 comment

14717-Symantec-UMB-header-660x200.jpg

Your website is your window on the world – it’s your shop front, your brand on display and a key route to market and perhaps your most essential sales and marketing tool. And as such it critical to your business: and if something bad were to happen then it would be a disaster your shop could be closed, your reputation tarnished and visitors stopped coming. This is why website security is so important.

We’ve designed this infographic to help educate you and help you understand six threats to your website and what you can do to prevent them.

1. Website malware

Web servers can be attacked by malware, compromising...

Andy Horbury | 21 Aug 2013 | 0 comments

Ciphers have been in use since around 3,000B.C., but their importance and relevance for information security has really come to the mainstream with the growth of the Internet and the escalating volumes of data exchanged on line every day.

The history of ciphers and encryption is a compelling one – being a constant battle between encryption by cryptographers and decryption by cryptanalysts. That has brought repeated cycles of development of a cryptographic algorithm, attempts to break it, followed by a new cipher algorithm to replace the obsolete ones.

14717-Symantec-VA-header-660x200.jpg

And that battle goes on today, with the big focus now on preventing keys from being factored/hacked. Most of us will no doubt have come into contact with the RSA algorithm in our...

Andy Horbury | 25 Jul 2013 | 1 comment

There are deep and disturbing sides to the Internet where businesses should fear to tread, if they want to keep themselves safe. So called ‘dark’ search engines, for example, certainly need to be approached with extreme caution.

Take Shodan, a search engine that navigates the Internet's back channels. It's akin to a ‘dark’ Google, helping hackers to find out the servers, webcams, printers, routers, systems, networks etc… that are vulnerable to tampering.

Shodan has been designed to help users track down certain types of software and hardware, determine which applications are most popular, identify anonymous FTP servers, or investigate new vulnerabilities and what hosts they could infect. All good stuff and useful to know. But Shodan also serves as a window into millions of unsecured online connections; and you definitely wouldn’t want those connections to be yours. It...

Andy Horbury | 18 Jul 2013 | 0 comments

14717-Symantec-WSTR-header-660x200.jpg

We recently published Symantec’s Website Security Threat Report which contains a huge amount of information on the security threat landscape. In this series of blog posts we will focus on topics such as the re-emergence of phishing, the rise of malware and what you need to be aware of to keep your work and personal life secure.

Starting with Phishing…Over the past few years there has been a slight change to the type of phishing attacks we’ve seen. As sites such as Facebook and Twitter have grown in popularity, they have drawn the attention of the cybercriminal fraternity and we’ve seen a significant increase in spam and phishing...

Brook R. Chelmo | 28 Jun 2013 | 0 comments

Migrating certificates during a major key size migration can be difficult at best. I’m going to give you some background, share a great video we have produced, as well as share seven steps to aid in this migration.

Background - Key Sizes Change with Time

Since the RSA algorithm was first publically described in 1977 by Ron Rivest, Adi Shamir, and Len Adleman, 17 key sizes have been factored (hacked).  So far the highest key size that was factored was RSA 768-bit in 2009.  As cloud computing grows so does the threat that RSA 1024-bit will be factored as well. 

Industry Response – Bring 1024-bit Certificate to End-of-Life

In order to be proactive, Certification Authorities (CAs) have been tasked to bring these certificates to end-of-life by the end of 2013.  An end date of December 31, 2013 was listed by...

Andy Horbury | 10 May 2013 | 0 comments

I hope by now that you are aware that the Certificate Authority/Browser Forum has mandated that Certificate Authorities stop supporting 1024-bit key length RSA certificates for both SSL and code signing by the end of this year (2013). To learn more about these changes please read the CA/Browser Forum’s paper on the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates

What do you need to do?

Any Symantec customers with certificates expiring this year (2013) will need to renew by generating a Certificate Signing Request (CSR) of 2048 bits or higher. Any Symantec customers with certificates expiring in 2014 or later will need to replace and upgrade all 1024-bit certificates with 2048-bit RSA/DSA or 256-bit ECC certificates by 1st October 2013. All existing 1024-bit...

Andy Horbury | 21 Feb 2013 | 2 comments

14717-Symantec-UMB-header-660x200.jpg

Following on from our recent webinar on the theme of website optimisation we have developed a series of three blog posts that discuss website optimisation. These are high level blogs and not intended to be all encompassing but rather have been designed to kick start thoughts on concepts such as tips to keep your website safe, SEO and in this final post, website analytics.....

How to make the most of website analytics

Website analytics tools, such as Google Analytics, Optimizely or Mint, are invaluable tools when it comes to guiding your marketing and website development but only if you know how to make the most of the data...

Andy Horbury | 19 Feb 2013 | 2 comments

Following on from our recent webinar on the theme of website optimisation we have developed a series of three blog posts that discuss website optimisation. These are high level blogs and not intended to be all encompassing but rather have been designed to kick start thoughts on concepts such as analytics, SEO and some tips to keep your website safe..

Seven ways to keep your website safe

Broken links, badly formatted code, page errors and expired SSL certificates can hurt the quality and ranking of your site. Running a website isn’t simply a case of setting it up and forgetting about it. It’s not quite build it and they will come, you need to maintain it, keep it safe and secure it in order to maximize traffic, sign-ups and conversions. Here are seven top tips for a safe and successful website:

...

Brad | 06 Feb 2013 | 0 comments

Sometimes, serendipity happens.

Here at Website Security Solutions, we're constantly striving to educate people on how important SSL Certificates are to the Internet. The Norton Secured Seal represents trust on the internet; a sure mark that the website where it is displayed represents a site that can be trusted to conduct business transactions.  We try to educate consumers about how to shop safely, and conduct their business online with a minimum of risk; because it's a world full of internet predators out there trying to steal people's money, their data, and their very identity.

Consumer education is one of the most important things we can do in the Security industry. We have to teach people what to look for, how to surf safely, and how to protect themselves. And all...