HTTPS as a ranking signal

Webmaster level: all Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google. Beyond our own stuff, we’re also working to ...

Still reeling from Heartbleed, OpenSSL suffers from crypto bypass flaw

Bug in crypto library strips away one of the Internet’s most crucial protections. Wikimedia A researcher has uncovered another severe vulnerability in the OpenSSL cryptographic library. It allows attackers to decrypt and modify Web, e-mail, and virtual private network traffic protected by the transport layer security (TLS) protocol, the Internet’s most widely used method for ...

How I used Heartbleed to steal a site’s private crypto key

Extracting keys from unpatched servers requires skill, but it’s eminently doable. Aurich Lawson / Thinkstock By now everyone knows about the OpenSSL Heartbleed vulnerability: a missing bounds check in one of the most popular TLS implementations has made millions of Web servers (and more) leak all sorts of sensitive information from memory. This can leak login credentials, authentication cookies, ...

Private crypto keys are accessible to Heartbleed hackers, new data shows

Four people have been able to see server keys and certificates in a test. Aurich Lawson / Thinkstock Contrary to previous suspicions, it is possible for hackers exploiting the catastrophic vulnerability dubbed Heartbleed to extract private encryption keys from vulnerable websites, Web services firm Cloudflare reported Saturday. As recently as yesterday, Cloudflare published preliminary findings that seemed to indicate that ...

The OpenSSL Heartbleed Bug: What It Means To You

Below are steps for a Heartbleed resolution Heartbleed Resolution Steps for Symantec, GeoTrust, RapidSSL, Comodo and Thawte Step 1: To determine if you are vulnerable due to the Heartbleed bug, enter your domain name onhttps://www.ssllabs.com/ssltest/index.html. If your site is in the clear, then no action is needed J. However, if it is determined that your site ...

Here’s everything you need to know about the Heartbleed web security flaw

  photo: Thinkstock / aetb SUMMARY:Researchers have discovered a serious flaw known as Heartbleed that affects the security software that runs on about two-thirds of the servers on the internet and could expose user data, including passwords. Here’s what you need to know about it It seems as though every week or so there’s a new ...

Cisco finds 13 products (so far) vulnerable to Heartbleed—including phones

Collaboration products, router OS have OpenSSL bug; Cisco still checking others Cisco has issued a security bulletin for customers about the Heartbleed bug in the OpenSSL cryptography code, and it’s not about Web servers. So far, the company has unearthed 11 products and 2 services susceptible to attack through the vulnerability, which can be used to retrieve ...

OpenSSL Heartbleed exploit and what it means for you

At the start of this week there was an OpenSSL vulnerability that was made public which effectively allowed hackers to be able to dump 64kb worth of content sitting in the server memory. This memory is often used to store private keys and other private information. For those that are unaware, OpenSSL is the cryptographic ...

25% Off All VPS Hosting Nodes

To celebrate the start of Spring QuantmWeb has launched our 25% off for VPS Sale. That’s right we are offering 25% off for life on any new VPS purchased during September and October. All ourVPS Hosting servers are covered, including cPanel VPS templates and Windows VPS. Just enter the promotional code 25OFFVPS on the checkout page to receive the discount. All QuantmWeb VPS ...

SSL Certificates Future And Its Encryption Strategies

With an ever increasing level of security issues, the protection system is undergoing a rapid change to keep pace with it. The future looks bright and engaging for ssl certificates as the service providers are promptly upgrading their encryption system to defend websites against malware attacks or hacks. Every online retail store owner worth his ...