Microsoft Patch Tuesday – April 2015
This month the vendor is releasing 11 bulletins covering a total of 26 vulnerabilities. Thirteen of this month’s issues are rated ’Critical’.
Read More
This month the vendor is releasing 11 bulletins covering a total of 26 vulnerabilities. Thirteen of this month’s issues are rated ’Critical’.
Read More
summary
Did you know this month was “couple appreciation month”? Let’s use this as an opportunity to explain in simple words how the security of an online transaction relies on a happy, inseparable couple: a public key and a private key.
Public keys and private keys are part of a general structure we call PKI – Public Key Infrastructure. The SSL and TLS protocols, which are globally used to secure not only websites, but also emails and web applications, are based on this structure. So we might as well say that there are thousands and thousands of public and private keys in operation right now around the world!
Keys are used in algorithms to encrypt and decrypt data. You may think the same key is used to encrypt and decrypt, but there’s a twist: there are algorithms in this world which are able to encrypt data with one key… and decrypt it only with the help of another key! Magical, isn’t it? (For those who don’t believe in magic, you can read more about trapdoor functions here). In the case of SSL, one key – the public key – is used to encrypt data; only the corresponding private key can decrypt it. What a lovely (and useful) couple.
In the SSL protocol, public keys and private keys are generated by servers. The private key remains locked and secure in the server, while the public key is pinned to the server’s SSL certificate. Whenever a browser connects to the server, the server sends its SSL certificate which contains the public key. The browser can then use this public key to encrypt data and send it to the server, which is now the only one able to decrypt such data thanks to its private key.
Both keys are inseparable, and of course each pair is unique: the public key belongs to its corresponding private key and only to this one.
Public and private keys are essential to the security of our exchanges. Thanks to them, we don’t have to worry about someone eavesdropping on our conversations. But there is still a major issue: what if a hacker intercepts the server’s public key, and sends their own public key instead?
What guarantees the browser that the public key received is actually the public key from the server it wanted to reach? This is why Certification Authorities like Symantec play an essential role: CAs authenticate servers and their public key through a unique document called the SSL certificate!
If you’re curious about SSL and more specifically about how SSL certificates work, you can find more
Infrastructure owned by the Simda botnet (also known as Rloader) has been seized in an Interpol-led law enforcement operation.Read More
Ransomware attackers have resorted to reviving a very old attack vector, the malicious Word macro.Read More
Law enforcement agencies and security vendors join forces to take down long running malware delivery network.Read More
summary
In 1994, the first online purchase crossed the World Wide Web: a large pepperoni pizza with mushrooms and extra cheese from Pizza Hut. Over the next 20 years, e-commerce has exploded into a bustling economy, exceeding $1.2 trillion in sales in 2013.
This growth in online purchases rests upon a foundation of trust. People trust that the websites they use to track finances and make online purchases are secure and legitimate largely because of Secure Socket Layer (SSL) certificates- otherwise known as that little green padlock in the URL bar of the browser.
SSL certificates verify that the provider is who they claim to be and also indicate secure connections between personal devices and company websites. Understanding SSL certificates is important to help prevent falling victim to scammers. Because at the end of the day, not all sites, or SSL certificates, are created equal.
Different types of certificates
Website owners purchase SSL certificates through Certification Authorities (CA). There are three different types of SSL certificates, each providing a different level of security. The problem is that, even though all of these certificates provide the safety padlock in the URL bar of a browser, along with the HTTPS (“S” indicating “secure”) in the address bar, the levels of security between types of certificates differ greatly. This is why it is important to understand what kind of SSL certificate a site is using when looking to perform financial transactions or anything involving personal user data.
Can you tell the difference?
Clearly, the last URL is an EV certificate. The first is the DV certificate and the second is an OV certificate, which both look identical to each other.
What can people do to stay safe?
Now knowing what a SSL certificate is, the three different types, and that DV-enabled sites pose a risk for scams, how can users reduce the risk of shopping or performing other sensitive transactions online?
Let’s face it – online shopping isn’t going away. Until the industry requires an OV or EV certificate for e-commerce sites or an easier way to identify the types of certificates, people will have to bear some of the burden of combatting cyber risks. Knowing the risks ahead of time, consumers are less likely to be duped by phishing websites.
Readers can find more information on SSL certificates in this recent Symantec whitepaper or by visiting our Trust Services page.
A new information stealer, Trojan.Laziok, acts as a reconnaissance tool allowing attackers to gather information and tailor their attack methods for each compromised computer.Read More
Una nueva amenaza que roba información, denominada Trojan.Laziok, actúa como una herramienta de reconocimiento y permite a los atacantes recopilar información y adaptar sus métodos de ataque a cada computadora comprometida.
Read More
Symantec’s Email Submission Client enables end users to report suspected spam directly from their mailboxes to Symantec Security Response, which helps improve anti-spam research and results. The Email Submission Client will be updated to support Microsoft Exchange Server 2013, and the new version is scheduled for release on March 28, 2015. Exchange Server 2010 and 2007 will also still be supported.
The Email Submission Client is designed to be easy to use and does not require the installation of tools or updates on endpoints. Users simply move the unwanted message to a designated folder in their mailbox to send the message to Symantec. Administrators control which users and groups in the organization can submit messages using Active Directory.
A moderated mode that allows administrators to approve messages before submitting them to Symantec is also available. The Email Submission Client works with multiple email clients, including Microsoft Outlook, Outlook Web Access (OWA), and Exchange ActiveSync.
Symantec Email Security.cloud customers can download the client from the management portal by navigating to Tools > Downloads.
Symantec Messaging Gateway and Mail Security for Microsoft Exchange customers can download the client from FileConnect at https://fileconnect.symantec.com
Do I really need security on my computer anymore? Over the years, web standards have improved and the security of operating systems and browsers have become better. Because of these advances, some people question whether they need security protection at all. But you need to remember that in parallel to positive advances in protection, cybercrooks […]