HackDig : Dig high-quality web security articles for hacker

Dangerous liaisons

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We’re talking here about intercepting and stealing personal information and the de-anonymi
Publish At:2017-10-24 11:55 | Read:603 | Comments:0 | Tags:Featured Mobile threats Android Certificate HTTPS iOS Mobile

Five Key IT Security Best Practices to Safeguard Your Expanding Business

A key theme of the recent Cybersecurity Nexus event in Washington, D.C. was the growing need for small and medium-sized businesses (SMBs) to adopt enterprise-like IT security best practices. In fact, SMBs might actually have an edge over the unrelenting competition they endure from larger enterprises because they are more proactive and nimbler in mitigating
Publish At:2017-10-22 05:00 | Read:405 | Comments:0 | Tags:Application Security Retail Risk Management Application Secu

Chrome will label Resources delivered via FTP as “Not Secure”

Google continues the ongoing effort to communicate the transport security status of a given page labeling resources delivered via FTP as “Not secure” in Chrome, Last week, Google announced that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” The security improvement will be implement
Publish At:2017-09-18 00:05 | Read:713 | Comments:0 | Tags:Breaking News Security Chrome encryption FTP Google HTTPS

The Internet’s Freshest Wounds: My Thoughts On Ticketbleed, Cloudbleed and HTTPS

UPDATE 2/24/17, 4:30 PM PST: Researcher Hanno Böck (@hanno) has confirmed that leaked CloudFlare data was not entirely purged from multiple search engine caches ahead of the public disclosure.In April 2014, the security community was shocked with the revelation that a poorly implemented TLS extension in OpenSSL could allow attackers to easily disclose privat
Publish At:2017-02-25 03:05 | Read:1524 | Comments:0 | Tags:IT Security and Data Protection Cloudbleed Cloudflare Google

Making the Move to an All-HTTPS Network

Many website operators have wrestled with the decision to move all their web infrastructure to support HTTPS protocols. The upside is obvious: better protection and a more secure pathway between browser and server. Having a secure connection also makes it harder for cybercriminals to insert man-in-the-middle (MitM) or man-in-the-browser (MitB) attacks, and i
Publish At:2017-02-24 09:15 | Read:1574 | Comments:0 | Tags:Infrastructure Protection Network & Endpoint Browser Securit

Chrome will mark HTTP connections to websites as non-secure from January 2017

From January 2017, Chrome will indicate connection security with an icon in the address bar labelling HTTP connections to sites as non-secure. Google continues its effort to make the web a better place by pushing the adoption of encryption, we left the IT giant in May when it announced the decision to switch on default HTTPS for its free domain service prov
Publish At:2016-09-09 22:45 | Read:1112 | Comments:0 | Tags:Breaking News Digital ID Security encryption Google HTTP con

HTTPS is not a magic bullet for Web security

We're in the midst of a major change sweeping the Web: the familiar HTTP prefix is rapidly being replaced by HTTPS. That extra "S" in an HTTPS URL means your connection is secure and that it's much harder for anyone else to see what you're doing. And on today's Web, everyone wants to see what you're doing.HTTPS has been around nearly as long as the Web, but
Publish At:2016-07-11 14:10 | Read:2306 | Comments:0 | Tags:Features Risk Assessment HTTPS

HTTPS crypto’s days are numbered. Here’s how Google wants to save it

Like many forms of encryption in use today, HTTPS protections are on the brink of a collapse that could bring down the world as we know it. Hanging in the balance are most encrypted communications sent over the last several decades. On Thursday, Google unveiled an experiment designed to head off, or at least lessen, the catastrophe.In the coming months, Goog
Publish At:2016-07-09 07:25 | Read:1954 | Comments:0 | Tags:Risk Assessment Technology Lab cryptography encryption HTTPS

Security week-in-review: Alleged DNC papers leaked in the latest whodunit

It’s hard to keep up with the hundreds of security-specific headlines published every week. So, we’re rounding up the top news that affect you, your business, and the security and technology industry overall. This week we explore Android vulnerabilities, stolen DNC data, and a serious scam against enterprises. Check back every Friday to learn about the lat
Publish At:2016-06-17 18:45 | Read:1521 | Comments:0 | Tags:Security android Android Vulnerabilities Apple bug bounty da

Google is bringing HTTPS to all blogspot domain blogs

Google decided to switch on default HTTPS for its free domain service provider Blogspot, the migration will be easy and transparent for the users. After WordPress also Google decided to switch on default HTTPS for its free domain service provider Blogspot. The measure will impact millions of users of the popular platform. Since September 2015 Google had intr
Publish At:2016-05-05 00:20 | Read:1949 | Comments:0 | Tags:Breaking News Digital ID Blogspot encryption Google HTTPS

Aging and bloated OpenSSL is purged of 2 high-severity bugs

Maintainers of the OpenSSL cryptographic library have patched high-severity holes that could make it possible for attackers to decrypt login credentials or execute malicious code on Web servers.The updates were released Tuesday morning for both versions 1.0.1 and 1.0.2 of OpenSSL, which a large portion of the Internet relies on to cryptographically protect s
Publish At:2016-05-04 02:10 | Read:1994 | Comments:0 | Tags:Risk Assessment Technology Lab Uncategorized encryption HTTP

WordPress pushes Free HTTPS Encryption for all its blogs

WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort. WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Sta
Publish At:2016-04-11 18:30 | Read:1665 | Comments:0 | Tags:Breaking News Security digital certificates encryption HTTPS

33 percent of all HTTPS websites open to DROWN attack

Security experts presented the DROWN attack that exploits a new critical security vulnerability affecting the OpenSSL. Security experts have discovered a new critical security vulnerability affecting the OpenSSL, it has been estimated that more than 11 Million websites and e-mail services are open to cyber attacks. The new attack, dubbed DROWN (stands for De
Publish At:2016-03-02 16:20 | Read:1199 | Comments:0 | Tags:Breaking News Hacking Security DROWN attack encryption OpenS

Fatally weak MD5 function torpedoes crypto protections in HTTPS and IPSEC

If you thought MD5 was banished from HTTPS encryption, you'd be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still widely used in the transport layer security protocol that underpins HTTPS. Now, researchers have devised a series of attacks that exploit the weaknesses to break or degr
Publish At:2016-01-06 18:10 | Read:1619 | Comments:0 | Tags:Risk Assessment Technology Lab encryption exploits hash func

Google Search Rankings Prefer HTTPS by Default

Nothing in Google’s arsenal carries more weight than its search engine rankings. Pair that weapon with a desire to inspire encrypted connections on the web, and you have a pretty powerful combination.More than a year ago, Google said it was testing a method where a site’s search ranking would be influenced by whether it was using an HTTPS connect
Publish At:2015-12-19 01:20 | Read:1380 | Comments:0 | Tags:Cryptography Google Privacy Web Security cryptography Encryp

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud