Category Archives: Security

It’s Time To Think Seriously About Retiring TLS Certificates Using SHA-1 Hashes

Time To Retire SHA-1SSL / TLS certificates and the certificate authorities that sign them are vital to online security. They’re responsible for two important aspects of secure online communication: encrypting network traffic and verifying the identity of sites. Any SSL / TLS certificate can be used to encrypt data, but only certificates signed by a certificate authority can be used to verify the identity of a site. If the identity verification system stopped working, there would be no way to stop a malicious site from pretending to be your bank, Google, or any other site. Read more »

Are Developers Being Overwhelmed By An Ever Changing Security Landscape?

Developers Overwhelmed By Security LandscapeIt’ll come as no surprise that many developers feel they are losing the battle against online criminals and data thieves. With ever increasing frequency, we hear of major security breaches at organizations users should be able to trust with their data. As more of the economy moves online, the potential rewards for hackers have increased exponentially. Developers feel beleaguered. In a reversal of the usual commonplace about criminals and those who fight them, hackers have the luxury of making as many mistakes as they need to before they hit on the right strategy. Developers pay dearly for any mistakes they make in the design and construction of secure systems. Read more »

An Overweight CMS Is Bad For Performance And Security

Overweight CMS Bad Fro Performance And SecurityModern content management systems make it almost too easy to install new features. WordPress in particular has a plugin and theme ecosystem that encourages experimentation. Tens of thousands of developers contribute plugins to the WordPress ecosystem, and browsing through the plugin repository presents enticements at every turn. The temptation is to install plugins on a whim — after all, they’re free, so why not? Read more »

Containers Aren’t As Easy To Secure As They Should Be

Containers Not Easy To SecureUnless you’ve been hiding under a rock, you’ll be well aware of the recent critical vulnerability discovered in the GNU C Library, a core component of the vast majority of Linux distributions. The vulnerable function was used in many thousands of Linux applications across potentially millions of devices, including servers. Read more »

This Is Why We Need Something Better Than Checksums To Verify Downloaded Software

We Need Something Better Than ChecksumThe developers behind a popular desktop Linux distribution recently revealed that their site had been hacked. For several hours the link leading to one or more of the distribution’s direct downloads in fact lead to a compromised version of the distro with a backdoor installed. If users downloaded the distribution during that period, they may have installed an operating system that was wide open to an attacker. The attacker responsible, who goes by the name of Peace, claimed that he has control over several hundred machines running Mint. Read more »

Cyberattacks Are Getting Worse – But How Can You Defend Against Them?

Cyber Attacks Are Getting WorseOn December 23, a large section of Ukraine went dark. The source wasn’t mechanical failure, nor was it human error. According to Ukrainian officials, it was a cyber-attack, the source of which was reportedly Russia.

To make matters worse, a more recent attack against Kiev’s main airport probably originated from the same source. Read more »

The Worst Data Breaches Of 2015

Worst Data Breaches Of 2015It can get kind of exhausting, trying to keep up with all the data breaches surfacing in the media. It seems like almost every other week, there’s some new crisis in circulation; a new leak, hack, or exploit that puts our personal information at risk. Some are worse than others – a hospital losing a few thousand patient names versus a bank losing hundreds of thousands of financial records, but every breach of private data has the potential to wreak considerable emotional and financial harm on the people concerned.

Today, we’re going to take a look back at some of the worst data breaches we saw this year. Hopefully, as we move forward into 2016, we don’t start seeing incidents that top them (though we probably will). Read more »

Everything You Need To Know About The Cryptowall Ransomware

Cryptowall RansomwareAccording to Trend Micro, 2016 will be “the year of online extortion.” Ransomware and extortion tactics targeting users both within enterprise and without will see a sharp increase. Online threats, the report explains, will “evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation.” Read more »

Why Spam Protection Is As Much About Security As SEO

Spam Protection And SEOIf you’ve ever used the Internet, you’ve dealt with spam. From fraudulent Nigerian Princes to socially-engineered phishing attempts to word-salad comments on blog posts, spam’s as much a part of the Internet as pictures of cats. As a result, most of us have kind of just accepted that it exists and moved on. Read more »

get in touch Get in touch with us

Questions? Concerns? Comments? We want to hear from you! Drop us a line with whatever is on your mind and we will get back to you ASAP!!



Signup to be the first to know about new products and services!