Google is making SSL Certificates a bigger priority in search rankings

Sep

1

2014

Google has just published an interesting blog post about SEO best practices on its Webmaster Central Blog, and one interesting detail is that Google is going to start ranking sites with SSL Certificates higher. Google is making this move because it believes in making the internet a more secure place, and a more secure web starts with more secure website ...
read more →

IT · SSL Certificates · Web Hosting · Web Sites

HTTPS as a ranking signal

Aug

24

2014

Webmaster level: all Security is a top priority for Google. We invest a lot in making sure that our services use industry-leading security, like strong HTTPS encryption by default. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google. Beyond our own stuff, we’re also working to ...
read more →

SSL Certificates · Web Hosting · Web Sites

Still reeling from Heartbleed, OpenSSL suffers from crypto bypass flaw

Jun

16

2014

Bug in crypto library strips away one of the Internet’s most crucial protections. Wikimedia A researcher has uncovered another severe vulnerability in the OpenSSL cryptographic library. It allows attackers to decrypt and modify Web, e-mail, and virtual private network traffic protected by the transport layer security (TLS) protocol, the Internet’s most widely used method for ...
read more →

IT · Linux · Security · SSL Certificates

How I used Heartbleed to steal a site’s private crypto key

May

11

2014

Extracting keys from unpatched servers requires skill, but it’s eminently doable. Aurich Lawson / Thinkstock By now everyone knows about the OpenSSL Heartbleed vulnerability: a missing bounds check in one of the most popular TLS implementations has made millions of Web servers (and more) leak all sorts of sensitive information from memory. This can leak login credentials, authentication cookies, ...
read more →

IT · Security · SSL Certificates

Private crypto keys are accessible to Heartbleed hackers, new data shows

Apr

14

2014

Four people have been able to see server keys and certificates in a test. Aurich Lawson / Thinkstock Contrary to previous suspicions, it is possible for hackers exploiting the catastrophic vulnerability dubbed Heartbleed to extract private encryption keys from vulnerable websites, Web services firm Cloudflare reported Saturday. As recently as yesterday, Cloudflare published preliminary findings that seemed to indicate that ...
read more →

IT · Security · SSL Certificates · Web Hosting

The OpenSSL Heartbleed Bug: What It Means To You

Apr

14

2014

Below are steps for a Heartbleed resolution Heartbleed Resolution Steps for Symantec, GeoTrust, RapidSSL, Comodo and Thawte Step 1: To determine if you are vulnerable due to the Heartbleed bug, enter your domain name onhttps://www.ssllabs.com/ssltest/index.html. If your site is in the clear, then no action is needed J. However, if it is determined that your site ...
read more →

IT · Security · SSL Certificates

Here’s everything you need to know about the Heartbleed web security flaw

Apr

11

2014

  photo: Thinkstock / aetb SUMMARY:Researchers have discovered a serious flaw known as Heartbleed that affects the security software that runs on about two-thirds of the servers on the internet and could expose user data, including passwords. Here’s what you need to know about it It seems as though every week or so there’s a new ...
read more →

IT · Linux · Security · SSL Certificates

Heartbleed vulnerability may have been exploited months before patch [Updated]

Apr

11

2014

Fewer servers now vulnerable, but the potential damage rises. Aurich Lawson / Thinkstock Update: Errata Security’s Robert Graham has acknowledged that he was mistaken in his assessment, and that private keys could be at risk. The original story below has been marked up accordingly. There’s good news, bad news, and worse news regarding the “Heartbleed” bug that affected nearly ...
read more →

IT · Linux · Security · SSL Certificates

Cisco finds 13 products (so far) vulnerable to Heartbleed—including phones

Apr

11

2014

Collaboration products, router OS have OpenSSL bug; Cisco still checking others Cisco has issued a security bulletin for customers about the Heartbleed bug in the OpenSSL cryptography code, and it’s not about Web servers. So far, the company has unearthed 11 products and 2 services susceptible to attack through the vulnerability, which can be used to retrieve ...
read more →

IT · Security · SSL Certificates

OpenSSL Heartbleed exploit and what it means for you

Apr

11

2014

At the start of this week there was an OpenSSL vulnerability that was made public which effectively allowed hackers to be able to dump 64kb worth of content sitting in the server memory. This memory is often used to store private keys and other private information. For those that are unaware, OpenSSL is the cryptographic ...
read more →

IT · PHP · Security · SSL Certificates · Web Hosting