This week we will start off with something that everyone using a web browser should be aware of, but it appears that is not the case. The vast majority of us have no idea what the padlock icon on our internet browser is – and it’s putting us at risk …
When is secure not secure
A while back Diana wrote a piece about the padlock in the URL bar of your browser and what it says about that sites security and means for your cyber security: Is that website secure? However what that symbol means in effect is that the communications between your device and …
Supply chain vulnerability
We have many clients who have their own software or have custom software on their website or web apps written for them by developers. These developers may or may not reuse code or modules written by third party developers and sourced through a software repository – such as GitHub or …
Weak cryptographic keys in the wild – UPDATED
This post was originally published on 15 March 2022 Researcher, Hanno Böck, has found very weak cryptographic keys in use that have been generated by SafeZone Crypto Libraries, once owned by Inside Secure and now owned by Rambus. These keys are so weak that consumer grade hardware running old algorithms. …
Continue reading “Weak cryptographic keys in the wild – UPDATED”
TLS certificates are what internet trust is built on
Russia has created it’s own TLS certificate organisation and has started issuing these security and trust certificates to Russian sites, who can no longer access issuing authorities outside of the country, because of sanctions. Moscow to issue TLS certificates to Russian websites • The Register
More bad news for Nvidia – and advice for them (and you) on risk and mitigation – updated
This post was originally published on 5 March 2022 In the among the data recently stolen from Nvidia, a certificate has been found that can be used to sign malware aimed at Windows machines. What this means is the software will be exploiting the built in “trust” that Microsoft and …
Check your Let’s Encrypt certificate
SSL/TLS certificates are an essential part of the security of communications across the internet. Read how important they are here: Is that website secure? – #BeCyberSmart – Smart Thinking Solutions Website security either some people just don’t get it or they cannot be bothered! – Smart Thinking Solutions Website security …
