Entrust Identity On: Latest Posts

Can You Spot a Phishing Email?

December 18, 2013 by Entrust, Inc. Leave a Comment

This holiday season, buyers everywhere will flock to the Internet to rack up savings on deals and avoid the hassles of shopping in malls and department stores. Unfortunately, shopping online without using caution can lead to great headaches due to the prevalence of criminal activity. One of the most devastating identity theft techniques comes in [Read More...]

Filed Under: Malware, Mobility, Secure Browsing Tagged: phishing

Top 10 Holiday Scams to Steer Clear of this Season – Part 2

December 16, 2013 by Entrust, Inc. Leave a Comment

This is Part 2 of a two-part series. To read the first post, click here. Top 10 Holiday Scams to Steer Clear of this Season 6. Order shipment notification When doing your holiday shopping, always make sure that the email notification confirming your order shipment is directly tied to the official company of which you [Read More...]

Top 10 Holiday Scams to Steer Clear of this Season – Part 1

December 12, 2013 by Entrust, Inc. 1 Comment

Top 10 Holiday Scams to Steer Clear of this Season You have spent all night looking for the perfect gift online for your spouse, children or significant other. After hours of searching, you finally come across the ultimate package certain to grant you a lifetime pass to the Nice List — two tickets to the [Read More...]

Filed Under: Mobility Tagged: holiday, mobile security

Java Secures Supply Chains through Code Signing

December 11, 2013 by Bruce Morton Leave a Comment

This post was originally published by Bruce Morton & Erik Costlow on the CA Security Council blog. We have recently discussed the benefits of code signing in two posts: Securing Software Distribution with Digital Signatures and Improving Code Signing. These posts covered the role of code signatures as a “digital shrinkwrap” designed to answer a simple question: [Read More...]

Filed Under: Code Signing Tagged: Java, Oracle

SHA-1 Deprecation, on to SHA-2

December 9, 2013 by Bruce Morton 1 Comment

We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the [Read More...]

Filed Under: SSL, SSL Deployment Tagged: Code Signing, Microsoft, SHA-1
Chris Taylor

Did Google Miss the Mark With Push To Make Passwords Obsolete?

December 2, 2013 by Chris Taylor Leave a Comment

On Saturday, Forbes discussed Google’s 2014 vision to make user-generated passwords obsolete. It’s an initiative that deserves praise and is long overdue. Someone is finally taking strong authentication and identity-based security seriously — particularly in the consumer space. It does, however, come with some caveats. Google is demonstrating that identity-based security solutions are available for [Read More...]

IETF 88 – Pervasive Surveillance

December 2, 2013 by Bruce Morton Leave a Comment

This post was originally published on the CA Security Council blog. Internet Surveillance The big news at IETF 88 in Vancouver was the technical plenary on Hardening the Internet which discussed the issue of pervasive surveillance. Pervasive surveillance is a mass surveillance of an entire or a substantial fraction of a population. The surveillance is usually [Read More...]

What is the European Union Agency for Network and Information Security (ENISA)?

November 7, 2013 by Entrust, Inc. Leave a Comment

In order to get a good sense of what the European Union Agency for Network and Information Security (ENISA) does, think of the Internet as a giant body that is constantly fighting attacks from viruses. In this example, ENISA is like a team of doctors that watches over the Internet and advises European Member States, [Read More...]

U.K.’s Financial Policy Committee Prepping Banks for Advanced Cyber Attacks

November 5, 2013 by Entrust, Inc. Leave a Comment

The U.K. is currently taking active measures to prepare its financial sector with solutions for dealing with massive cyberattacks. Recently, banks have requested to conform to new guidelines imposed by the U.K.’s Financial Policy Committee (FPC), a government group in charge of monitoring both the Bank of England as well as the economy. On Oct. [Read More...]

Ransomware: This is a Digital Hold Up

November 4, 2013 by Entrust, Inc. Leave a Comment

Avoiding nefarious CryptoLocker, Reveton malware Imagine this frightening scenario: You attempt to log on to your computer, but instead of seeing the normal login gateway meant for entering credentials, you see a black screen with the words “YOUR COMPUTER HAS BEEN LOCKED.” Next to the words are an intimidating FBI window and a warning that [Read More...]