Blog Archives

EV certificate to protect against phishing

evval

Internet fraud has become more coordinated and sophisticated, eroding consumer confidence, which is so necessary in the Internet business. Phishing – this is just one of many tactics that scammers use to get personal, confidential information of users. Due to

Posted in CA, Validation, Vulnerabilities Tagged with: , , , , , , ,

One-way authentication – protection from phishing

SONY DSC

Using the protocol SSL (Secure Sockets Layer) provides secure communication between Web-server and users. Despite the fact that the protocol allows authentication not only the server and the user, in practice, only one-way authentication is used most often. To establish

Posted in CA, Vulnerabilities Tagged with: , , , , ,

Fraudsters use SSL-certificates for phishing

phish2

CAs provides the SSL-certificate to owner of fake domains used in phishing against known online stores and banks. Just in a month attackers were able to obtain official security lock for hundreds of fake websites that are aimed at banks

Posted in Vulnerabilities Tagged with: , , , ,

Attackers can exploit the vulnerability in StartSSL for issuing SSL certificates

vulnerability

Recently, security experts have found a serious hole in the domain verification, which was discovered in the StartSSL. The detected vulnerability allows anyone to issue SSL-certificates for any domain without confirming ownership. StartSSL – a web-based service that allows webmasters

Posted in Vulnerabilities Tagged with: , , ,

All about SSL

This site is dedicated to SSL-certificates. You will learn what is an SSL certificate, how to issue and reissue it. FAQ SSL will be useful for both novices and pros. SSL Knowledgebase contains sections on validation, trust logo, vulnerabilities, SSL-certificates differences by type (Wildcard, EV, DV, etc.), as well as many other things.