online security

Exposing SnapDeal.com: India’s largest Online Shopping platform is unsafe and vulnerable to theft

Indian e-commerce is growing at an incredibly frantic pace. There are tons of new e-commerce sites mushrooming in variety of verticals spanning electronics, books, gift items, vitamin supplements, foreign importers etc. Unfortunately the awareness among Indian customers and e-commerce site owners regarding the risks of online scam, phishing and what not remains concerningly low. SSL Security is one basic step that every e-commerce site must take at the very minimum. Doing so will at least ensure that transactions between an e-commerce site and its customers remain private. This is critically important in India, especially because a large portion of the population there uses shared internet (i.e. cyber cafes). It has come to our attention that a very famous site known as SnapDeal.com which ...

An Infographic: How Secure is Your Website When Compared to Your PC?

Internet usage and web security go hand in hand. With the exponential growth of Internet traffic over the last decade, online security threats have grown by leaps and bounds too, and the recent flurry of WordPress attacks is a testament to it. The number of online accounts that get compromised on a daily basis clearly indicate that a great majority of  website owners isn’t particularly cautious about their website’s  security. Web Hosting provider HeartInternet recently conducted a research among small business website owners and home PC users to determine whether people take their website security as seriously as their PC security. Predictably, the answer is no! The survey reveals that only 65% small business website owners have anti-virus software installed on their computers...

What is a Multi Domain EV SSL Certificate?

Maintaining a  high level of online trust and security in compliance with industry-wide security regulations can be a daunting task for organizations  as it requires timely updates to the IT security infrastructure which are sometimes very expensive. To keep a sense of trust and security intact in the minds of website visitors and at the same time keeping expenditure within manageable limits is thus a very herculian task. This is where a  Multi Domain EV SSL security certificate comes in.  Multi Domain EV SSL security certificateis a ‘best of both worlds’ product in a way that it provides stringent and tough authentication at par with  industry standard EV SSL (Extended Validation) certificate, and has the ability to package multiple domains , thereby effectively cutting down t...

Security Vulnerability Found in the RubyonRails framework, Heroku Applications Affected

A serious security vulnerability was  found today in the Ruby on Rails framework. This exploit affected nearly all applications running Rails including  Heroku’s. Ruby on Rails issued prompt warning  and announced  that the releases 3.2.11, 3.1.10, 3.0.19, and 2.3.15 contained  two extremely critical security fixes. The aforementioned  Rails versions were immediately  patched and deemed safe from this exploit. The users were advised to upgrade their version promptly, failing which an attacker could potentially gain access to their application, its data, and run arbitrary code or commands. If you’re one of the concerned users, please check the patched versions below (deemed safe from exploit)  and upgrade immediately. Changes in 3.2.11 Changes in 3.1.10 Changes in 3.0.19 Changes...

Heroku Fixes Password Security Issue

Heroku has resolved  a security vulnerability it was alerted to in December that would allow an attacker to change the password of a pre-existing user account and thus gain control of it. Web security has been a vital issue for the industry as recently EdgeWebHosting partnered with DuoSecutiry to secure remote access by enabling two-factor authentication and SingleHop launched an automated security service for dedicated cloud servers. On December 19, 2012, security researcher Stephen Sclafani notified Heroku of an issue in their  account creation system. Using a maliciously-crafted HTTP request, an attacker could change the password of a pre-existing Heroku user account, and thus gain control of it. This attack would not disclose the pre-existing password to the attacker. Instead of persec...

Edgewebhosting Partners with Duo Security to Secure Remote Access

Edgewebhosting Inc., a leading provider of mission-critical managed hosting services, announced it’s partnership with Duo Security on Wednesday to provide two-factor authentication service.  This authentication service provides highly secure and remote access to Edge’s managed hosting solutions. Two-factor authentication is an approach to authentication which requires the presentation of two or more authentication factors: a knowledge factor (something the user knows), a possession factor (something the user has), and an inherence factor (something the user is).  For example, when you visit a local automated teller machine (ATM), one authentication factor is the physical ATM card that you  insert into the machine (something the user has). The second factor is the PIN you enter through the ...

Skip to toolbar