Video Screencast Help
Website Security Solutions
Showing posts tagged with SSL
Showing posts in English
Sven29 | 23 Jan 2014 | 1 comment

SSL certificates do more than encrypt data, they also authenticate websites. This is an important and fundamental function because it builds trust. Website visitors see the SSL padlock or HTTPS and they believe that the site is genuine.

In the fight against fake sites, phishing and fraud, trustworthy SSL certificates are essential.

This is why domain-validated certificates can be dangerous.

What is domain validation?

Certificate Authorities (CAs) will issue a domain-validated certificate to anyone who is listed as the domain admin contact in the WHOIS record of a domain name. They just send an email to the contact email address and that’s it.

It is the lowest level of authentication used to validate SSL certificates. Higher levels include organisationally-validated and extended validation certificates which require more detailed checks.

Why can...

Elliot_Samuels | 19 Dec 2013 | 1 comment

If you use SSL certificates on intranet sites with internal server names, they may not work from 1 November 2015.

For companies with complex infrastructures, the change may be challenging but now is the time to start getting ready.If you use SSL certificates on intranet sites with internal server names, they may not work from 1 November 2015.

For companies with complex infrastructures, the change may be challenging but now is the time to start getting ready.

Local vs. global address

Imagine you have a server on your network. It may have an IP address that is resolvable on the internet, but it’s more likely to have an address that is only valid on the local network, such as 192.168.1.1. It is also likely to have a domain name that is only resolvable on the local network, such as https://intranet.local or https://mail.

Certification challenges

Without unique domain names that can be resolved in the context of the public...

Andy Horbury | 06 Dec 2013 | 0 comments

I’d like to share two webinars with you that we delivered this week

The first was Attack of the Cyber Spies a webinar delivered as part of BrightTALK’s Hackers Summit which you can access here.

The second is the December update of the regular webinar series I do with my colleague Andrew Shepherd: Website Security Threats: December Update

I've also posted both webinar slide decks to Slideshare here

Finally, I’d also like to share this blog posted by Tom Powledge who is the VP of the Website Security Solutions division here at Symantec Keeping Your Data Safe with SSL

We'll be back next week with some new blogs.

Jimmy Edge | 14 Nov 2013 | 0 comments
This blog post is based on the new Symantec Website Security Solutions free white paper, The Power to Destroy: How Malware Works which pulls together statistics from across Symantec’s global security network. The white paper is available in French, German, Spanish and Italian.

If you own or run a website, did you know that the website itself could be the target of cyber criminals who can breach the site and use it as a tool to spread malware and infect your customers’ devices?

Certain weaknesses or vulnerabilities in your website, such as unpatched servers and cross-site scripting, can lead to security breaches which have been known to cost...

Andy Horbury | 27 Sep 2013 | 1 comment

14717-Symantec-UMB-header-660x200.jpg

Your website is your window on the world – it’s your shop front, your brand on display and a key route to market and perhaps your most essential sales and marketing tool. And as such it critical to your business: and if something bad were to happen then it would be a disaster your shop could be closed, your reputation tarnished and visitors stopped coming. This is why website security is so important.

We’ve designed this infographic to help educate you and help you understand six threats to your website and what you can do to prevent them.

1. Website malware

Web servers can be attacked by malware, compromising...

Andy Horbury | 21 Aug 2013 | 0 comments

Ciphers have been in use since around 3,000B.C., but their importance and relevance for information security has really come to the mainstream with the growth of the Internet and the escalating volumes of data exchanged on line every day.

The history of ciphers and encryption is a compelling one – being a constant battle between encryption by cryptographers and decryption by cryptanalysts. That has brought repeated cycles of development of a cryptographic algorithm, attempts to break it, followed by a new cipher algorithm to replace the obsolete ones.

14717-Symantec-VA-header-660x200.jpg

And that battle goes on today, with the big focus now on preventing keys from being factored/hacked. Most of us will no doubt have come into contact with the RSA algorithm in our...

Andy Horbury | 05 Aug 2013 | 1 comment

What a summer of sport it has been. We’ve witnessed in our millions the British & Irish Lions rugby team triumphing in the Rugby Union Test series in Australia; Chris Froome winning the 100th edition of the Tour de France; Missy Franklin taking a record sixth gold at the Swimming World Championships in Barcelona; the Miami Heat winning the NBA finals; and finally, for the first time in 77 years, a Brit claiming the Wimbledon men’s singles tennis title!

All of which is to say that nothing captures the public imagination quite like a major gathering, be that a sporting encounter or music festival, such as Glastonbury. And that is certainly true also of the IAAF World Athletics Championships in Moscow (10-18 August) where elite athletes from all over the globe will compete. Who wouldn’t want to be there to witness the outstanding battle of wills and talent out on the field and track? Who wouldn’t want to grab tickets fast before they all disappear?...

Andy Horbury | 25 Jul 2013 | 1 comment

There are deep and disturbing sides to the Internet where businesses should fear to tread, if they want to keep themselves safe. So called ‘dark’ search engines, for example, certainly need to be approached with extreme caution.

Take Shodan, a search engine that navigates the Internet's back channels. It's akin to a ‘dark’ Google, helping hackers to find out the servers, webcams, printers, routers, systems, networks etc… that are vulnerable to tampering.

Shodan has been designed to help users track down certain types of software and hardware, determine which applications are most popular, identify anonymous FTP servers, or investigate new vulnerabilities and what hosts they could infect. All good stuff and useful to know. But Shodan also serves as a window into millions of unsecured online connections; and you definitely wouldn’t want those connections to be yours. It...

Brook R. Chelmo | 24 Jul 2013 | 0 comments

As you search, and surf online; from time to time you may well come across a warning from your browser saying the site contains malware or perhaps that the connection is untrusted.  A recent study from UC Berkeley and Google, called Alice in Warningland, indicates that many of us choose to ignore these warnings on a daily basis. So if you do encounter these warnings what should you do?  What do they mean?  Let me guide you quickly through these and give some solid advice for staying safe online. 

 

The Website Ahead Contains Malware (Chrome); Reported Attack Page (Firefox)

Response:  STOP! Do Not Proceed!

What this means:  The site or individual page has been infected with Malware. Malware is malicious software that can do a variety of things most of them bad so you...

Andy Horbury | 18 Jul 2013 | 0 comments

14717-Symantec-WSTR-header-660x200.jpg

We recently published Symantec’s Website Security Threat Report which contains a huge amount of information on the security threat landscape. In this series of blog posts we will focus on topics such as the re-emergence of phishing, the rise of malware and what you need to be aware of to keep your work and personal life secure.

Starting with Phishing…Over the past few years there has been a slight change to the type of phishing attacks we’ve seen. As sites such as Facebook and Twitter have grown in popularity, they have drawn the attention of the cybercriminal fraternity and we’ve seen a significant increase in spam and phishing...