Employers must use best security practices during tax season in order to make personal data less susceptible to attack.
In a follow-up to my last post, I’d like to address how infosec professionals can help non-security folks understand the need for security basics.
DigiCert Certificate Inspector Agent is a valuable tool that can help manage your certificate landscape.
Private Internet is one way users can protect their data and avoid the flood of marketing campaigns enabled by tracking cookies. This beginner’s guide helps you know where to start and who to trust.
On the heels of an announcement last summer that websites using HTTPS will receive a SEO boost, Google is taking more steps to encourage a more encrypted web. Google created a version of Chrome with a feature designed to warn users when they visit unencrypted web pages. For now, this feature is only available on […]
The FREAK attack does not affect SSL Certificates, but admins should disable export-grade ciphers on all servers. Users should install patches for their browsers as they become available.
It’s up to the infosec community to reach out to engineering and manufacturing and to help them understand security risks and best practices. We need to engage in conversation. We need to gain a seat at the table so that security is not an afterthought in the era of connectivity.
In the last two weeks, we have seen quite a few poor security practices in use with Superfish, Komodia/Lavasoft, and now PrivDog.
Lenovo’s violation of security best practices demonstrates the dangers of using self-signed certificates and the importance of the public trust system.