<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: ssl

Shooting Phish in a Barrel: How Phishing Sites are Fooling You With SSL/TLS Certificates

In the past, a green padlock icon would inform the user that a site is secure and legit, whether it was true or false. Now, that is no longer the case. We are seeing more and more phishing sites using SSL/TLS certificates to try and fool people into thinking that a phishing site is actually legitimate. The appearance of free SSL/TLS certificates, which can be applied with ease (Let’s Encrypt, Comodo and more), allow scammers to harness SSL certificates to their own agenda, giving misguided people the felling of false security.

Read More

Share this:

ThreatSTOP blocking Superfish

At ThreatSTOP we have been reading about the Lenovo/Superfish adware security hole with amazement. Not so much at the enormous gaping hole that has been discovered (sadly that seems to be SOP at too many places) but at the way that the various parties involved have completely failed to understand that they have created such an enormous gaping hole.

Read More

Share this:

ThreatSTOP not vulnerable to Heartbleed

The Heartbleed vulnerability* has burst into public consciousness and generated a lot of justified concern that login information and other confidential data may have been at risk because of it.

Read More

Share this:

Who is more secure - Facebook or the botnets?

The recent release of the firesheep plugin, which makes it trivially easy for anyone running it to "sidejack" anyone else on the same unsecured public wifi network, highlights how insecure many popular websites (including social media sites such as Facebook) are. Even if the actual login is encrypted, typically subsequent data is sent unencrypted and that includes the key login session cookie. Firesheep allows its users to capture those cookies and use them themselves.

Read More

Share this:

Home Page

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter