Bitly, famous for its ubiquitous URL-shortening service, has announced that it s partnered with LetsEncrypt to bring HTTPs links to marketers using its branded domain service.With almost 27 billion links, or Bitlinks, shortened since launch, Bitly is probably the most recognizable link-shortening service on the Web.While anyone can shorten a URL through Bitly for free, Bitly has also emerged as a key tool for marketers to track how their content is being shared online and even drive traffic to mobile apps.But more than that, businesses have also been able to procure branded short links, where the bit.ly or bitly.com element of the URL is replaced by a company s own shortened domain name.The New York-based company said that it will be generating SSL certificates for what amounts to more than 40,000 Bitly-branded domains, with all links created through the platform now served as secure HTTPS links.Shortened URLs give little clue as to where the links may lead.A shortened URL could indicate a malicious website, for example, so with HTTPs now in the mix, Bitly hopes to bring a little peace of mind to not only its customers, but to its customers customers.Our upgrade will create a more secure Internet for our customers, and will specifically help our customers build trust with their users, said Matt Thomson, CPO at Bitly.This move is a stand against malicious Internet activity and its negative impact on good customer experience.
A little-considered but significant subset of that data is the proportion of abandoned carts.Any visitor to your website who goes to the trouble, not only to look at your products, but to add them to their cart, proceed to checkout, but then, for one of several possible reasons, fails to purchase.These abandoned carts represent a significant portion of lost revenue.Do you have a valid SSL certificate, are you using the https:// protocol by default, and is your cart showing a friendly padlock icon to visitors?If the honest answer to any of these are no, rethinking some of these components might earn you sales, not just from abandoned carts but also from visitors who never get as far as entering their contact details.Shopify surveyed a range of online stores and visitors to find that 39% of visitors reported leaving a store after experiencing a technical problem like a crash or network timeout.
Photo source: ShutterstockBlue Coat has denied it's up to any shenanigans – after the security biz was seemingly given the power to issue crypto certificates that could be used to spy on people.A kerfuffle kicked off this week when it looked as though Blue Coat had been made an intermediate certificate authority, backed by root certificate authority Symantec, in September.BlueCoat now has a CA signed by Symantec https://t.co/8OXmtpT6eXHere's how to untrust it https://t.co/NDlbqKqqld pic.twitter.com/mBD68nrVsD— Filippo Valsorda @FiloSottile May 26, 2016BlueCoat literally uses NSA's mass surveillance quips in their marketing for SSL decrypt.https://t.co/VgaZlCSY2d pic.twitter.com/PqmwPvUKFs— Kenn White @kennwhite May 27, 2016At times, criticism leveled against the security outfit has proved unfounded.The gong was given after the biz pressured a security researcher into dropping a presentation at the SyScan Conference in Singapore earlier in the year.The coercive tactics sparked calls for a Blue Coat boycott, particularly from Facebook's head of security Alex Stamos.All of this may well be background fuss for the business: Blue Coat is reportedly considering an IPO shortly, during which it will be focused on its reputation among investors rather than its standing among security professionals.
Related: Why Trump wants you to boycott AppleThe working language, which promises to Make Python Great Again was created in under 24 hours by Rice University students and posted to GitHub via Motherboard .America never does anything halfway.All code has to be home-grown and American made.Error messages are mostly quotes directly taken from Trump himself.By constructing a wall providing the -Wall flag , TrumpScript will refuse to run on machines with Mexican localesWarns you if you have any Communists masquerading as legitimate "SSL Certificates" from China on your system.Won't run in root mode because America doesn't need your help being great.
Traveling soon?Heads up: many streaming services have international streaming restrictions, with Netflix and Hulu included.But with Getflix, you don t have to give up your shows every time you travel.Some key details:Enjoy popular streaming services no matter your locationGet access to over 50 VPN nodes worldwideQuickly watch TV, listen to online radio, and moreEasy-to-use Smart DNS technologyEncrypt all your traffic with 256bit SSL encryptionGetflix unblocks over 100 streaming channels around the world, so you can watch movies, TV, sports, and more regardless of where you may end up.For a limited time, you can nab Getflix for only $39, or over 90% off — an offer that s simply too good to pass up.
Securing the rapidly-expanding universe of connected technology just got a helping hand from a new assurance testing program for Internet of Things IoT sensors and devices.According to a press release, ICSA Labs is launching a new security testing program that will focus on assurance testing for IoT.The new IoT Security Testing and Certification Program will see ICSA Labs test six key components: communications, alert/logging, platform security, cryptography, physical security and authentication.A projected 25.6 billion IoT devices are expected to enter the marketplace in 2019, rising from 9.7 billion in 2014, according to Verizon s State of the Market: Internet of Things 2016 report.UL s move was a response to the Cybersecurity National Action Plan launched by the White House in February, with UL s IoT standards developed with the help of several government departments.ICSA Labs is an independent security testing division of Verizon Business covering anti-virus, firewalls, IPsec VPN, cryptography, SSL VPN, network IPS and anti-spyware technology.
In this paper at Arxiv, Tel Aviv University's Uri Kanonov and Avishai Wool dissect KNOX for your enjoyment.The ARM TrustZone, they write, does a good job of mitigating root and kernel exploits, but only if it's used right, and that requires proper usage of its features in all surrounding areas to gain the promised security boost.For The Register, one of the killer phrases in the paper is: we contrast KNOX 1.0 with the most recent version of KNOX: we show how the latest KNOX improves security— while also making security sacrifices in favour of user satisfaction .Here's the short version from the paper: The attack scenario is an Evil Maid attack short-term physical access against an unlocked device for example the attacker may ask the victim to make a quick phone call from her device .Serve forged SSL/TLS certificates while performing MITM.The only social engineering required, the authors note, is to present a benign-looking Knox icon for the VPN and a similarly innocuous connection name, users will probably continue past the warning.
Marvell Semiconductor is sampling its Armada 7000 and Armada 8000 system-on-chips SoCs , based on the ARM Cortex-A72 architecture.Marvell reckons the SoCs are good for appliances from SOHO up to data centres, with dual- and quad-core versions, and are in the hands of "tier 1" vendors' design teams.MoChi is Marvell's approach to interconnecting devices where the SoC needs too many functions or interfaces to fit on a single chip.It provides an interconnect to make multiple modules look, to the Armada 7000/8000 driver, as if they're a single integrated operation the company calls this vSoC, virtual system-on-chip .This lets the two SoC families integrate multiple 10 Gbps Ethernet ports, each running packet processing and offload engines for security and storage.The Armada 8000 also includes:Quad- and dual-core ARM Cortex-A72 at 2.0GHz1MB shared L2 cache; 1MB exclusive L3 cacheFull ARMv8-A CPU virtualisation and I/O virtualisationCoherent memory subsystemNetworking packet processor with 2x10GbE 4x2.5GbE connectivityA 10 gigapackets per second security engine supporting IPsec and SSL offloadDDR3/3L/4 32b/64b ECC extension, and SATA3.0, USB3.0, PCIe3.0The Armada 7000 comes in dual-core 1.4 GHz or quad-core 1.8 GHz flavours, and lower-throughput networking and security engines.
Home Monitoring SystemTraditional home alarm and monitoring solutions are a scam.Meanwhile, if a burglar does try to enter your home and an alarm goes off, he or she will be long gone before the monitoring center calls to check on you, let alone sends the police.More modern home security solutions can offer all the same great features without the monthly cost, but they can still be pricey.And what if you re renting or you have a small home that doesn t need such a complex solution?In away mode, it also notifies you if any movement is detected, and it packs an integrated 105 dB siren to scare off any intruders.Here are some more highlights:Smart home security system with no contracts or monthly fees requiredHigh resolution 180-degree immersive view camera with night vision, for live and recorded videoMotion/sound detection, temperature/light/humidity sensors, 2-way audio and 105 dB sirenSimple setup and easy to use, get text/email alerts and check in from your smartphone or tablet iOS and Android Connects via Wi-Fi, battery backup, high grade SSL video encryption, compatible with Z-Wave wireless accessories; auto-rearms to capture multiple events, pet adjustable motion detection, smart arming powered by Life360The Piper nv costs $279.99 on Amazon with free Prime shipping, and it s well worth the price.
Thought your protections against DDoS attacks were good enough?Why advertise with usBut now, attackers are adopting military strategies and finding another way.Instead of playing their cards immediately — throwing the traffic of an entire botnet of zombie computers at a target — they send out constant DDoS attacks over months which are so low in bandwidth that the victim fails to detect them.A Dark DDoS attack can't be detected so it merrily attacks your network's defences and executes multiple zero-day vulnerabilities that might be found in Linux, SSL, hypervisors — or Apache-like Heartbleed or Shellshock — until it finds a vulnerability that you haven't patched against because only attackers know about it.They go undetected for months and, slowly, information is trickling out of your environment but you don't even realise it."And that excludes the potential fallout from your customers' data being leaked, having to pay for a third party to investigate, reporting to government regulators about what went wrong and potentially being fined by regulators.
In this high-tech era of security breaches, cybersecurity is more important than ever.And small businesses, especially in the mergers and acquisitions space according to a new Firmex report, are particularly susceptible to hacks and breaches.What kinds of precautions can a business take to protect its data and its customers sensitive information?Here are six security measures that provide big protection against cyber attacks.1.Viruses, ransomware, and malware can invade your system with just one click.Consider presenting your staff with realistic cybercrime situations that teach them how to recognize suspicious emails and other red flags.It s also beneficial to bring in an outside firm to conduct facility breach exercises and social engineering penetration testing.For secure financial transactions that don t risk data being transferred in plain text, you ll also want to make sure your E-commerce platform is capable of supporting SSL encryption.To optimize your security, don t just be content with safeguarding your payment gateway.Also, it s noteworthy that besides ensuring security, SSL certification will increasingly play an important role in how Google ranks your website.Related Article: Lock It Up: How to Ace Email Security in 20164.But choose a QSA certified company wisely, and make sure the company uses accurate and complete testing procedures.
Loaded: 0%Progress: 0%00:00The ScenePlayMute00:00Current Time 0:00/Duration Time 0:00FullscreenNeed TextNo compatible source was found for this video.Advertisement 0:30Good and bad ways to take down a rogue droneshareplaysaveI am a skip button.WHOOPS!Maybe your neighbors are flying their machines over your backyard or zooming past your windows.Maybe you're on stage giving a talk about implementing SSL and you're being dive-bombed by drone cam.There are far better anti-drone weapons out there, like drone jammers that use directed RF signals to cut off communication between the drone and its controller.Of course, you can also go low tech.
One of its products is an SSL Visibility Appliance, which sits in the middle of encrypted traffic flows in order to identify threats such as botnet communications, data exfiltration by hackers and so on .Last month Blue Coat was accused of misusing an intermediate certificate authority, backed by root certificate authority Symantec.The conflict between being simultaneously a certificate authority and certificate exploiter is huge, said Rob Graham of Errata Security, the developer of BlackICE intrusion prevention software.On the other hand, Blue Coat is a natural fit for AV anti-virus , letting customers AV scan things otherwise encrypted with SSL.Traditionally Symantec s security sales were split more or less evenly between corporate and consumers sales through its Norton line.Although the shift towards the enterprise strategy is clear, Symantec has no immediate plans to sell its consumer unit, which remains profitable, Reuters reports.
A deadline for businesses to make sure they were compatible with new payment security measures has been extended after around 1,000 UK companies failed to take the necessary action.These businesses risked being unable to pay staff and suppliers, forcing Bacs Payment Schemes Limited to extend its deadline by three months from the previous 13 June deadline until 19 September 2016.Organisations need to move to support only the latest versions of TLS and SSL once Bacs drops support for obsolete crypto protocols such as SHA-1 in order to lose access to vital payment and money transfer services, as a statement by Bacs extract below explains.Bacs is making the change early to avoid any last minute issues when the existing SHA-1 certificates are switched off.Businesses choosing not to adopt compatible software upgrades, and an operating system that will support the changes, will have to make alternative arrangements to pay staff and suppliers after 19 September.Wolfgang Kandek, CTO at cloud security firm Qualys, previously told El Reg: Bacs is critical to almost all businesses in the UK, and the organisation s move to support only the latest versions of TLS and SSL makes a lot of sense.
Feed your obsession for SEO & SEM with cutting-edge search marketing tactics, available only at Search Engine Land s SMX East.Celebrating our 10th year, the largest search engine marketing conference on the East Coast returns September 27-29 in New York City.Here s a sneak peek at some of the sessions I m looking forward to:Exploring the Upcoming AdWords Changes: AdWords underwent some significant changes recently, which includes more robust capabilities, including new device modifiers, expanded text ads, an updated UI and more.Start making better informed, smarter budget decisions and optimizations by gaining deeper insights out of attribution and tools available in Bing, AdWords and Google Analytics.Uncover the importance of securing your customers data and privacy by using the HTTPS/SSL protocol, and its benefits including a boost in ranking!– Make it an easy decision for your manager to send you to SMX East with this handy Get Your Boss On Board guide.
The group behind the Let's Encrypt certificate authority CA says that its name could be in doubt thanks to rival CA Comodo Group.The Internet Security Research Group ISRG says that it is currently locked in a conflict with Comodo, who it claims is trying to trademark the "Let's Encrypt" name despite its previous filings on the term.Now, ISRG says, Comodo is attempting to move in on its operation by looking for a trademark on the "Let's Encrypt" name and, potentially, shutting down ISRG's operation using that name."Since March of 2016 we have repeatedly asked Comodo to abandon their 'Let's Encrypt' applications, directly and through our attorneys, but they have refused to do so," ISRG says."We are clearly the first and senior user of 'Let's Encrypt' in relation to Internet security, including SSL secure sockets layer /TLS certificates – both in terms of length of use and in terms of the widespread public association of that brand with our organization."At the time of publishing, Comodo had yet to respond to a request for comment.
By OliviaThe online world is a great leveler of the playing field.New businesses, well-established businesses, entrepreneurs, enterprises, clothes sellers and sellers of white goods — everybody can have an online business and with a few smart moves, can make it a highly profitable entity too.Some of the smart things that an online business owner must pay attention to are:A great website that has all the correct elements – easy navigation, simple to use interface, great design and so on.The right kind of search engine optimization strategies.Social media interaction and connectivity.Cutting edge measures when it comes to security of the online business.There are many ways in which you can ensure that your online business is protected from cyber criminals and here is taking a look at the top five ways.Pay attention to your domain nameOne of the easiest ways in which an online business can fall prey to a cyber criminal is when the domain name is neglected.Therefore, it is essential to invest in some small and big measures to eliminate all chances of cyber criminals:Redirecting traffic away from your website.Stealing away your customer and business data.Some of these measures are:Think of and use extremely strong administrator passwords.Update all information pertaining to your domain registration and contact.Do not divulge information pertaining to your domain registration to many people.Constant and sustained employee educationEven investing in the strongest possible security measures is meaningless if the company does not educate its employees.Therefore, investing in education and awareness of security measures and how people should avoid the following is critical:Indiscriminate online surfing.Opening emails with attachments.Phishing scams.Falling prey to social engineering.Using unauthorized USB drives.Software mattersToday, almost every startup is driven by all kinds of software and operating systems making it essential to invest time and money in updating the same.This will entail:Antivirus programs and other software security measures.Operating systems – updates and patches.Browser software.Wireless network encryption.Data transfer security protocols – SSL encryption and SFTP.Even if the technical aspects of such security measures are beyond the capabilities of founding team – it is not the end of the world!Hire professionals for protectionHiring a professional company when it comes to securing a business will result in a huge relief provided the right company is hired.
As of late June, 32.5% of page one Google results now use the HTTPS protocol, according to a new study from Moz.The esteemed Dr Pete published a blog post this week on the data they ve been tracking in the two year period since Google announced HTTPS was to be a light ranking signal in August 2014.The results are definitely enough to give SEOs pause for thought when it comes to considering whether to switch their sites to a secure protocol.In case you need a refresher, here is Jim Yu s explanation of the difference between http and HTTPS:HTTP is the standard form used when accessing websites.HTTPS adds an additional layer of security by encrypting in SSL and sharing a key with the destination server that is difficult to hack.
It s taken a while, but the Internet is now a marketing must-have for small- and mid-sized businesses in the United States.SMBs are spending more on Internet marketing, and, according to an SMB Internet Marketing Survey, 37 percent of these SMBs increased their spend on Internet marketing yet again in 2015.An SMB s website is a portal for the rest of the world to engage with the business.SSL, which stands for Secure Socket Layer, refers to a network protocol for the secure transmission of data.It encrypts the transfer of data and prevents unauthorised access, so that the sensitive information which belongs to your site s visitors, such as passwords, email addresses, or bank details, stays private and protected.Small business owners will recognize the power of protection, but may fear the technical demands of security.
To get better search engine rankings or land on the first page results on Google in 2016, site speed and HTTPS were listed among the ranking factors.Brian Dean of Backlinko conducted an experiment with 1 million Google results to determine which factors help web pages appear on the first SERP and I ll be discussing two of those ranking factors here:Dedicated IP address – page or site s speedHow a dedicated IP address affects your search engine rankingsEvery online business uses a hosting company and most of the time pay no attention to what kind of IP address was assigned to their hosting account, be it a dedicated or shared hosting IP address.There are two types of IP addresses in the web hosting industry and they are: