Website Security Solutions | Latest Guides | Blog

A Quick Guide to Understanding Ransomware

| #Articles

One of the biggest threats to any organisation today is a ransomware attack. Bad actors, through the use of purpose-built software, infiltrate a computer network and take data hostage. This kind of attack can affect companies big and small, in every sector. So much of what we do depends on technology. Imagine if a company providing an online service can no longer provide that service to its… [read more →]

Understanding the SSL/TLS Racoon Attack

| #Articles

It’s that time again. As protocols mature, inevitably security vulnerabilities lurking beneath the surface are uncovered by security professionals. The so-called “Racoon” vulnerability is unusual however in that it affects TLS 1.2, arguably the most secure version of SSL/TLS to be using today. Some sensationalists describe this as the “Heartbleed of 2020”, while other researchers contend that this vuln… [read more →]

SSL Certificates now limited to 1 Year terms

| #News

To improve web PKI and security, Certificate Authorities (CA) will no longer be issuing SSL/TLS certificates with validity periods longer than one-year starting September 1, 2020. Initiated by Apple Safari and joined by Google Chrome and Mozilla Firefox, the new max validity period will be 398 days which is one-year plus a 33-day renewal grace period. The shortening of certificate validity… [read more →]

Understanding Certificate Cross-Signing

| #Articles

Certificate Cross-Signing is a nuance of PKI which is often poorly understood. This topic is particularly salient as of late, as a long-lived root certificate managed by Sectigo (formerly Comodo) expired, causing many unexpected problems for many legacy systems worldwide. But how can certificate expiration lead to service downtime? Who is responsible for being aware that this can happen? How can… [read more →]

Understanding Certificate Cross-Signing

| #Articles

Certificate Cross-Signing is a nuance of PKI which is often poorly understood. This topic is particularly salient as of late, as a long-lived root certificate managed by Sectigo (formerly Comodo) expired, causing many unexpected problems for many legacy systems worldwide. But how can certificate expiration lead to service downtime? Who is responsible for being aware that this can happen? How can… [read more →]