This article is part of our Security Guides series. Chrome and other browsers are phasing out SSL certificates that are implemented using the weak SHA-1 hash. As a result, SSL certificate authorities, like GoDaddy are … Read More
Blaming users for security incidents is counterproductive
The Associated Press has done some important research into the cause of cybersecurity incidents in the federal government. Unfortunately, they come to the wrong conclusion. They document the huge rise in security incidents, and then add: … Read More
Tozny demo video: Login and out of band transaction verification
Take a look at the primary features of the Tozny login and out of band transaction verification system. Key points: Tozny is both easier to use and more secure than passwords. Tozny defeats advanced malware … Read More
Shellshock: Making sense of the question, “Am I vulnerable?”
It seems like such a simple question, “Am I vulnerable to Shellshock,” but it’s surprisingly complicated. Lots of Internet forums suggest pasting some magic code into your command line. If the code outputs “Vulnerable” then … Read More
Man in the Browser: Attack and Defense
A successful man in the browser attack is devastating: The attacker gets full control over your account and you have no idea it is happening. In this post, we discuss the attack, its impact, and … Read More