Security News

Almost three-quarters of all phishing sites now use SSL protection
2020-02-26 06:32

The total number of phishing sites detected by the Anti-Phishing Working Group worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019. APWG contributor OpSec Security saw attacks against more than 325 different brands per month in Q4. Stefanie Wood Ellis, Anti-Fraud Product & Marketing Manager at OpSec Security, noted that the most frequent targets of phishing attacks continued to be Webmail, payment, and bank sites, but that "Phishing against Social Media targets grew every quarter of the year, doubling over the course of 2019.".

Sectigo Subscription SSL enables customers to purchase up to 5 years of protection
2019-10-25 02:00

Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, announced the availability of Sectigo Subscription SSL....

Analysis reveals the most common causes behind mis-issued SSL/TLS certificates
2019-10-14 11:35

We should be able to trust public key certificates, but this is the real world: mistakes and “mistakes” happen. Researchers from Indiana University Bloomington have analyzed 379 reported instances...

Chinese APT Group Began Targeting SSL VPN Flaws in July
2019-09-06 14:03

Pulse Secure and Fortinet Released Critical Fixes Months Ago, But Patching LagsA hacking group known as APT5 - believed to be affiliated with the Chinese government - has been targeting serious...

Week in review: Mass iPhone hacking, SSL VPNs under attack, SOC analysts overwhelmed
2019-09-01 14:45

Here’s an overview of some of last week’s most interesting news, articles and podcasts: Cybersecurity in the age of the remote workforce Users can be set up for a productive experience while...

Imperva Breach Exposes WAF Customers' Data, Including SSL Certs, API Keys
2019-08-27 18:48

Imperva, one of the leading cybersecurity startups that helps businesses protect critical data and applications from cyberattacks, has suffered a data breach that has exposed sensitive information...

Imperva Firewall Breach Exposes Customer API Keys, SSL Certificates
2019-08-27 16:58

The issue impacts users of the vendor's Cloud WAF product.

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs
2019-08-26 15:03

Vendors Issued Security Updates to Fix Severe Flaws Several Months AgoPatch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by...

Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
2019-08-26 09:40

Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure SSL VPN and Fortigate...

The probability that an EV SSL certificate is associated with a bad domain is 0.013%
2019-08-01 04:45

In 2018, phishing attacks were attempted 482.5 million times, more than doubling the number of incidents in 2017. New research conducted by the Georgia Institute of Technology Cyber Forensics...