Latest social networking attack highlights need for SSL to be always 'linked in'

Professional networking site Linkedin is the latest to suffer from its intermittent SSL use. Like Facebook and Twitter, Linkedin only encrypts information during login and other sensitive web pages.

But yesterday, a researcher claimed to exploit vulnerabilities in the way Linkedin transmits cookies (in plain text over unencrypted channels).

Share this:

Android apps open for attack

We’ve blogged about mobile SSL security before. But as we’ve just found out that several of Google’s Android apps, including Google calendar, aren’t secured by SSL encryption, we thought we’d blog on about the importance of mobile security.

Share this:

EV SSL uptake increasing, but still ‘below adequate levels’, says the Online Trust Alliance.

The latest security scorecard from the Online Trust Alliance (OTA) has identified a 68% growth in Extended Validation SSL in the last year. Great progress, but this still only represents 45% of retail and banking websites that are using EV SSL.

Share this:

SSL is the word at Google AdWords

From 17 May, Google AdWords will only advertise businesses that use SSL encryption.

Share this:

Tips for your tablet or Smartphone

Tablets and smartphones are everywhere, and with this next generation of mobile computing comes a new generation of fraudsters.

Share this:

Targeted attacks at two year high

A recent intelligence report from security giant Symantec revealed that this month's targeted attacks were the highest they'd been in two years, since the run up to the G20 Summit.

In April, one in 168.6 emails contained malware, and targeted attacks accounted for approximately 0.02 percent of these. This represents a 10.5% increase over a period of six months and highlights the need for businesses to take precautions and be proactive against such attacks, by running regular malware scans, for example.

Share this:

Why IT Staff Shouldn't Tackle Online Security without a little help from Marketing

In many - or indeed most - companies that buy website security to protect their visitors' privacy online, it is a technical person who does the buying. However, technical buyers often buy lesser products that are merely "statistically good enough" but devoid of any signs of trust.

Marketing realises it needs to work first and foremost, but the trust inspired in the end user is all that matters. Marketing buyers generally foster greater trust and transparent online identity by picking the products that makes us feel safe online.

Only phishers, fraudster, and scammers lose out by increasing the visible trust signs on your website.

Share this:

Twitter: celebrating five years of malware

Who knew Tweets of just 140 characters could cause so much trouble? But as Twitter gets ready to celebrate its fifth birthday, security company Kaspersky Lab takes a look back at the social networks security glitches.

The glitch list includes a malware campaign in 2009, where Tweeters were tricked into visiting bogus exclusive video sites only to be infected with Malware, and a vulnerability in SMS authentication which allowed users to update someone else’s status via text message, back in 2007.

Share this:

French retail giant secures business with GlobalSign EV

French clothing brand Petit Bateau is securing its sales – and its customers – with GlobalSign EV SSL.

Share this:

VeriSign now available in iPad app store

Symantec’s VeriSign Identity Protection (VIP) Access for Mobile feature is now available as an iPad app, which users can buy from the App store.

Share this:

Security threats go social and mobile

According to Symantec’s latest ‘Internet Security Threat Report’, there were more than 286 million new threats last year.

2010 was also the year when cyber criminals added more strings to their frauduelent bows, with new security threats and trends emerging.

Share this:

New GlobalSign passport ratings put businesses’ reputations in the hands of consumers

GlobalSign – one of the longest established Certificate Authorities – has partnered with community-powered surfing tool, Web of Trust, to bring user ratings to its passport service.

Share this:

Symantec secures over 70% of top websites

Symantec’s SSL brands – VeriSignGeoTrustThawte and RapidSSL – command over 70% of SSL certificates on the world’s most popular domains, according to the latest Alexa Netcraft Index.

Share this:

Malware and phishing attacks continue to rise

Security research company, Pandalabs, has reported a 26% increase in malware in the first quarter of 2011.

Over 73,000 samples of new malware are being detected on a daily basis so far in 2011. That’s an extra 10,000 per day compared to 2010.

Share this:

Facebook updates mobile app with better SSL security

Last month, serious security issues threatened the Facebook for Android application. Personal data was being sent unencrypted and hackers could post to other people’s Facebook accounts, without even much hacking involved. Facebook has now addressed these issues with bolstered SSL security.

Share this:

GlobalSign secures 2000 new sites in just one month

The lastest Netcraft figures are in, and they show that GlobalSign - one of the oldest Certificate Authorities – secured 2000 new sites last month.

Share this:

Japan disaster used in phishing scams

Phishers are using the recent Japan quake – and its aftermath – in scams to steal from humanitarians trying to donate money towards disaster relief.

Share this:

US Senator calls for HTTPS

New York Senator Charles Schumer has called for Amazon, Twitter and Yahoo to deploy HTTPS (SSL security) as the default option on their sites.

Share this:

ICC World Cup used as bait by phishers

According to daily paper, Daily news and Analysis, this year’s cricket world cup is being used by phishers to lure cricket fans to fake sites to book their tickets.

Share this:

BBC hit by malware

This week, security solutions company Websense discovered malware on the BBC’s 6 Music and 1Xtra radio streaming sites.

Share this: