Video Screencast Help

Website Security Solutions

Showing posts tagged with SSL Certificates
Showing posts in English
Tim Callan | 15 Mar 2011 | 0 comments

If you're attending Search Engine Strategies next week in New York City, make sure you come by and see our presentation on how trust indicators drive traffic from search results and maximize click-through rates on landing pages. Trust the link. Trust the Website. Trust the Transaction.

Tim Callan | 11 Mar 2011 | 0 comments

For the past seven years or so we've seen a common criminal practice of creating just-in-time phishing scams around breaking news or other current events. These scams consistently appear for predictable events such as tax time or even March Madness, but they also arrive very quickly when high profile natural disasters occur. Dating back at least as far as the Katrina/Rita disaster (and occurring as recently as February's earthquake in Christchurch, New Zealand), these attacks seek to prey on concerned well wishers trying to donate money to aid disaster relief. The good...

Tim Callan | 10 Mar 2011 | 0 comments

Blogger Roman Poroshyn recently posted commentary pointing out that code signing certificates can be stolen (as illustrated by the Stuxnet attack) and that he expects the syndrome of stolen certificates to continue in 2011. Roman writes,

Stuxnet has made it painfully clear that a virtual identity can be stolen. Authorities issuing digital certificates are unable to prevent that and their response is always delayed, because it is based on reports from computer security companies.

The good news is that a well developed code signing paradigm exists that can greatly improve our ability to defend against certificate theft. It's called...

Tim Callan | 03 Mar 2011 | 0 comments

Less than a week after New York Senator Charles Schumer called out Twitter by name for incomplete SSL implementation (along with Yahoo and Amazon) the popular social networking site finds itself in the SSL media crosshairs once again. Specifically, Ashton Kutcher had his Twitter account taken over. The thief tweeted a pair of messages, which were

Ashton, you've been Punk'd

and then

This account is not secure. Dude, where's my SSL?

While it's to Twitter's discredit that such a high profile service hasn't even secured its login pages at this late date, unfortunately Twitter...

Tim Callan | 03 Mar 2011 | 0 comments

Whole buncha headlines yesterday as Google pulled the plug on more than fifty Android apps for containing malware. Threatpost has a good writeup here, and Android Police has even more detail here and here. Existing writing on the subject has focused on the cleverness and skill of the trojan itself, along with...

Tim Callan | 02 Mar 2011 | 0 comments

At Search Engine Strategies in New York City last year I was interviewed by Patti Simone of WomenCentric and Marketing-Advantage.net. Patti posted the video, in which I explain VeriSign Seal-in-Search and show a heat map of real search results. It's a pretty crisp description of Seal-in-Search, and the pictures are helpful, but do try to ignore my right hand. Next time I promise I'll tie it behind my back.

Tim Callan | 01 Mar 2011 | 0 comments

The newest Netcraft report is in, and we've seen that the Symantec SSL offerings have increased in share by 2% from a year previously. Symantec is the only major CA to increase in share during the last year and has one and a half times the share of the nearest competitor. Symantec's share in the EV SSL and OV SSL markets is greater than 50%, and our EV share on its own is over 70%. The SSL brands covered under Symantec in the Netcraft report are VeriSign SSL, GeoTrust SSL, Thawte SSL,...

Tim Callan | 28 Feb 2011 | 0 comments

The SSL blog has covered the progress in adoption of full https coverage on popular web sites such as gmail and Facebook. By extending SSL coverage for the entirety of a user's session, not just the login screen, the site can defeat new attacks such as Firesheep which will make it possible for man-in-the-middle attacks to harvest potentially damaging information from sessions that otherwise would appear to be safe for...

Tim Callan | 23 Feb 2011 | 0 comments

This new white paper from the Aberdeen Group studies adoption of Extended Validation SSL Certificates and how it varies between what Aberdeen calls Best-in-Class, Average, and Laggard IT organizations.