Sectigo, formerly known as Comodo CA, is entering the next phase of its transition: it’s replacing Comodo CA roots with USERTrust roots on January 14, 2019. Why it happens and what it will mean to Sectigo customers?

According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.

The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?

General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.

In November this year we wrote about the need to replace SSL certificates issued by Symantec Group. Find out the dates when you need to re-issue your certificates.

The majority of Comodo Certification Authority (CA) shares were sold to Francisco Partners for an undisclosed amount.

Recently, Symantec announced that DigiCert, the leading provider of enterprise PKI encryption solutions, has acquired Symantec's Website Security and related PKI. In response to changes in browser visibility, Symantec provides an option to re-issue SSL certificates with new infrastructure in this area, working with Digicert. Certificates will work the same way, only the backbone of encryption strings is changing.

As of March 1, 2018, Certification Authorities will cease issuing 3-year SSL certificates for OV and DV validation. Re-issue after February 28, 2018 will be valid for no longer than 27 months, regardless of the original period. If you use certificates issued for 10 years and re-issue them, the CA will be forced to shorten their validity period.

SiteLock is an extremely effective tool in the fight against malware. It scans the web for malware every day, and if it detects it immediately removes it before it causes serious problems. SiteLock gives you full visibility of changes that take place on the page - informs you of any modifications to the file.

On September this year we have talked about the obligation for SSL certificate issuers to verify the CAA in client DNS records requesting SSL since September 8, 2017. If you are a webmaster now, there is an additional tool in your hands to protect you from invalid certificate issuance.

In accordance with the requirements of the CA / Browser Forum starting 8 September 2017, SSL certificate issuers will verify the CAA records in the DNS records of clients applying for SSL certificates.

If you run a online business, you are sure to use Google AdWords. Perhaps this is one of the main traffic sources on your site, so the last message you want to see is "Your account has been suspended ...". And yet, you can expect it if your site is not SSL-secured.

WoSign – one of the largest digital certificate provider in China, the owner of Israeli certificate authority (CA) StartCom – recently faced problems with Mozilla. It has all started after various security incidents, including issue of SSL/TLS certificates for primary GitHub domains to subdomain owner.

For 4.65 billion dollars Symantec - the market leader in cyber-security holding branches in more than 40 countries around the world - took over Blue Coat - a company from the same industry, but with a different specialization. What are the reasons for this acquisition?

Thawte is only one of the few vendors outside of the United States. As the main competitor of American vendors quickly gained a 40 % share of the market SSL certificates.


 

Respectable SSL certificate provider Entrust Datacard is now available in the offer. Check certificates with full range of enterprise requirements and strong validation EV and OV. 

Companies that use the free SSL Certificates for their own websites should rethink that choice. Security company "Trend Micro" indicates that a free SSL Certificate doesn't guarantee the security of the site.

Maybe you ask yourself, why exactly do you need a SSL certificate. If so - you should read.

The guide includes useful information on tips to help you avoid scams and protect yourself while using Wi-Fi / mobile devices.

Several Thai government websites have been paralyzed by a suspected denial of service (DDoS) attack. 

Leading Certificate Authority has stopped offering these certificates.

On its official blog Firefox developer team announced that they're going to focus their efforts on intent to phase out HTTP for HTTPS. That means Firefox is taking serious steps forward to fully encrypte and make the Internet a safer place.

Due to introducing by CA/Browser Forum (CA/B) its guidelines, issuing of SSL certificates for IP addresses and server internal names won’t be allowed if its validity period exceed November 1st, 2015.

Trustwave® today announced that Singapore Telecommunications Limited (Singtel), Asia's leading communications company, has entered into a definitive agreement to acquire Trustwave Holdings, Inc., a privately held information security company headquartered in Chicago. The acquisition strengthens Singtel's information security capabilities and bolsters Trustwave's ability to expand its leadership in managed security services globally.

According to the w3techs.com Comodo overtake a former leader on SSL market - a Symantec group (with GeoTrust, Thawte and Verisign).

OpenSSL released four patches for new security vulnerabilities found in OpenSSL versions 1.0.1 and 0.9.8. These patches fix a total of eight vulnerabilities, two of which are rated moderate and the others are considered low risk.

One of the largest providers of in-flight Internet service is accused of using methods similar to man-in-the-middle attacks. The company issued fake SSL certificates. Gogo explained that they were intended primarily for transmitting and downloading heavy files.

Due to the age of SSL version 3, which is already more than 18 years, part of certain solutions may already be obsolete.

Last week São Paulo hosted one of the most interesting events of the IT industry WHD.brazil.

Sydney show attendees can learn from SSLGURU why DigiCert is the world’s fastest-growing high-assurance certificate provider—offering award-winning support, fast issuance times and innovation

As of this past Wednesday, websites that aren’t encrypting connections will get a lower ranking on Google’s search engine.

The Heartbleed Bug also known as CVE-2014-0160 is a vulnerability within the OpenSSL cryptographic software library that enables all the SSL/TLS protected information to be stolen under normal conditions.

This week we attended WHD.global 2014, an important event for the hosting industry, which was held in Rust, Germany.

Phishing: The act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

First day of CeBIT 2014 is behind us! Thanks to all visitors who came to talk about Internet security and ways to assure safety during online activity. That was great day full of meetings and other events such as a TV interview

SSL certificates are very important especially for websites that handle sensitive information. Here are ten important things to consider while purchasing your SSL certificate.

As many of our clients know, purchasing SSL from a hosting provider can be very expensive. In order to overcome those ridiculous prices and purchase the SSL certificate of your choice we took the time to write this general guide to installing 3^rd Party SSL.

As many of us know businesses are increasingly using Active Management Technology (AMT) to remotely control and manage their computer networks.

Since the Edward Snowden leaks internet privacy has become somewhat of a difficult subject to discuss. It has come to light that the NSA along with the other agencies (FBI, CIA etc.) have enabled access to our personal lives, which in return, has given us a big brother sense of insecurity. In order regain that sense of security we lost months ago I will briefly discuss 5 easy ways to keep your personal information private.

Many clients often ask us if there is a solution to secure a website along with its sub-domains. The quick and easy answer is yes. A Wildcard SSL certificate does exactly that, by definition a Wildcard certificate will secure the main domain and any sub-domains

As a whole SSLGURU.com always tries to provide the most update security advice to our clients, so today we are going to discuss some of the duties that content owners and publishers have in order to properly store and transmit their customer’s data. It has been proven that if a customer believes that their data is safe then they will be more inclined to shop and spend online. In order for industry standard s to improve it is important that website protection is “vendor-neutral, easy to implement, and globally accessible.” Every website owner should integrate the best security practices into the web design and implementation and this includes the use of SSL. 

Encryption key management for SSL is the process of successfully securing and managing the private key. The private key is the tool that is used to decrypt the information that is received from anyone who has access to the public key. For example if an end-user purchases an item from amazon.com their browser would encrypt the personal information (credit card, address etc.) using the Amazon’s public key, and once that information is received by the Amazon server it would be decrypted by their private key. Because of the unique feature of the private key essentially the most important aspect of SSL and therefore should be securely stored and managed. Below I have discussed a few ways to success store and manage a private key.

As many of you may know Google recently detected a TLS/SSL certificate that was created by the Ministry of France and used as “a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the end users.” In general there is no application on the public internet that would require such a certificate and the use of this type of intermediate certificate does create many security related problems such as “internet traffic routing, domain name resolution and the possibility of an unconstrained trusted intermediate CA certificate.”

BYOD (Bring Your Own Device) is the new phenomenon spreading across the world. Workers are more and more often  using their personal devices such as smartphones and laptops for attaching to corporate networks. According to Virgin Media Business reaserch it is increasingly common practice. In 2012  51% of corporate networks in UK have already been compromised  by this practice. Smaller companies are particularly vulnerable for those kind of threats.

A weak roots are defined as a keys long less than 1024-bits. No connections with these short encryption keys are dedicated to increase the protection of users and also moving from the Internet old and unsafe tools to a stronger encryption length.

The largest Polish service offering SSL certificates - SSL4less.eu - enriched by another important issuer - SwissSign.

Today our offer has been modified and opened out with products of CA form Switzerland. The company issues all types certificates.

This August, Microsoft will issue an update, which will block the use of cryptographic keys shorter than 1024-bit.

Symantec has announced changes with issuing SSL certificates. They concern the certificates secure domain name (the standard) and Code Signing.

Almost every day all of us come across small or big dangers in the web. The most often there are viruses, infected files and phishing.

A summary report of Internet security threats in 2011 reveals that SSL certificates are still accepted by IT specialists as one of the basic elements of e-data protection. Symantec warns: 232 million identity has been stolen in 2011.
 

There is a race going on to book a new domain names. The idea of registering domain .SECURE has been published recently. It will require fully encrypted https:// sessions.

A non-profit Trustworthy Internet Movement (TIM) will publish regularly the list of secured and unsecured websites to improve online security and awareness among internet users.

WhiteHat Security specialists alert for increased hackers activity and big amount of affected sites. It turns out that criminals become more efficient and the owners have still weak security on their pages.

Banking specialists emphasize that the most important issue of any financial transaction is security. Particular security needs online banking, where the user must trust the website to manage money.

Websites with SSL certificate are possible to recognize in a several ways. The main graphic sign is the padlock. It is a general sign of on-line security.

Poles buy more often and more goods than before. The most popular are e-shopes with books, movies and music.

In a few weeks all users who are signed into Google Account will use search solution over SSL certificate with protocol: https://www.google.com.

As the official partner of Comodo brand in Poland, we are pleased to announce that the website with the newest Apple's service - iCloud.pl - is protected by COMODO product, EV SSL certificate.

There is no perfect e-shop - this is the conclusion after reading the studies about customers behaviour during purchasing on-line. All the responders faced problems with e-shoping.

Some SSL products secure one domain name, but in 2 options: with and without WWW prefix. This option is available just for a few certificates.

Warranties of certificates VeriSign have crossed amount of one million dollars. It is the first vendor which offers all products with a million dollars security.

The owner of website CertyfikatySSL.pl - Domeny.pl Ltd - has joined the elite group of companies that have been accredited of two ISO standards: ISO 9001:2008 and ISO/IEC 27001:2005.

GeoTust - one of our best vendors - has upgraded its products again. This time company offers higher amounts of warranties.

The newest report about malware statistics shows that the last quarter was one of the most dangerous in the history.

It starts from buying swim suit for example, and then: tickets reservation, accommodation booking, car rental and vacation is organized :) Here we have some tips how to stay safe on-line.

Limited user awareness, internet crimes and insecure systems are main problems with data security in companies.

In 2010 Polish market was worth 3,3 billion Euros. It does not include trips, holidays, music, tickets etc. which was bought on-line. The most popular products are electronic items.

Microsoft has found that 1 of 14 programs is later confirmed as malware. Hackers attack in so smart way, that users install viruses by themselves.

Visa Europe has lunched security guidelines to ensure trust in mobile acceptance solutions. Practices are issued for e-customers, e-commerce services management and software and hardware providers.

Check products of our new partner - TrustWave and choose certificate to secure data transfers, transactions, e-mails or files.

12 500 specialists of Internet security will take part in InfoSecurity Europe 2011 event in London. We will be there too.

Twitter, as an another giant on-line service, has lunched new safe HTTPS setting to encrypt connections between networks and users.

Google secures its users and has recently switched more services to https://. After Gmail and Picasa Web Albums, encrypted connections will work on YouTube.

Media reports that customers of five Polish banks must be aware of hacking when using e-banking systems.

Panda - The Cloud Security Company - uncovered the cyber-crime black market of IT threats designed to steal bank details. The prices for captured information starts from $2.

NIST announced that just certificates with 2048-bit root length can guarantee security and provide strong protection for websites. Every certificate Comodo offers 2048-bit root key.

We offer the FreeSSL Certificate from Comodo with no fee. It is a great possibility for all our clients to see how SSL certificates work and help day after day.

VeriSign leads the global SSL marketplace with a 44.4 percent share, according to the latest Netcraft survey of publicly facing SSL Certificates on the Internet.

66 per cent Polish Internet users buy goods on-line. Like in the real world, they need to be confident that their payments are safe and secured. It is given by SSL technology.