Demystifying two common misconceptions with e-commerce security
HTTPS and iframe containers augment security, but are not a panacea for online shoppers and merchants.
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.
A week in security (January 14 – 20)
A roundup of last week’s security news from January 14 to 20, including APT10, Fallout EK, Colllection 1 data, Youtube challenges, hosting malicious sites and a Fortnite security flaw.
Something else is phishy: How to detect phishing attempts on mobile phones
Phishing is more problematic on smartphones than on desktops. Not only that, approaches to handling phishing attacks on mobile are quite different because their techniques are also different. So, how can users sniff out a mobile phish? Let us count the ways.
A week in security (May 7 – May 13)
A roundup of security news from May 7 – May 13, including a new zero-day for Internet Explorer, a Netflix phishing scam, a worm found in Facebook’s Messenger, and more.
HTTPS: why the green padlock is not enough
Cheap hosting deals offering free certificates have made the green padlock a less convincing sign of security. Here’s what to look for to ensure a website is safe to visit.
Cybersecurity New Year’s resolutions, you say? Why not.
It’s no surprise that our resolutions are usually about health, finances, relationships, and self-improvement. As all of us live digital lives, too, why not think up cybersecurity New Year’s resolution that concern our online health and safety?
Release the KRACKen: flaw in Wi-Fi security leaves users vulnerable
A serious flaw in the wireless protocol that secures all modern protected Wi-Fi networks has been discovered. If your device supports Wi-Fi, it is most likely affected. This feasible attack, dubbed KRACK, could abuse design or implementation flaws in the Wi-Fi standard, not some specific hardware.
Google reminds website owners to move to HTTPS before October deadline
To encourage website owners and service providers to move to HTTPS, Google began sending out emails to remind them that their sites will be marked as insecure if they don’t comply. This is the latest step in the search giant’s long-term effort of creating a safer web experience for every user.
HTTPS… Everywhere!
We recently updated our redirections rule in HTTPS-Everywhere, a browser extension that automatically redirects you to the HTTPS version of the website you are trying to visit. Now is a good time for us to give a short overview of how important HTTPS is. We’ll also talk about a few major HTTPS-related events that happened lately.
