Your online security is important to us here at SSL.com.
Inspired by Data Privacy Day, we’d like to remind you that one of the most important things you can do to protect yourself online is to update your privacy settings. It can be confusing to find out where to update these, so we have made a single go-to page to save you time (and aggravation).

Follow the links below for instructions on viewing and changing your privacy settings in the most widely-used sites and services and programs:

Shopping

Email & Voice Communication

Mobile/Location Services

Music

Photo & Video Sharing

Search Engines

Social Networks

Web Browers 

PersonalInformationIsLikeMoney

Hey everyone, it’s Data Privacy Day

Data Privacy Day (DPD) is an annual international campaign held every January 28th to create awareness about privacy and protecting personal information online.

DPD, as we know it now, started in the United States and Canada in January 2008 later being signed into law in 2014 (S.Res.337). Canada and the U.S. adopted the campaign from Europe’s Data Protection Day celebration that began after the signing of Convention 108 in 1981. (Of course, as I was gently reminded by my coworkers, every day is Data Privacy Day here at SSL.com.)

Here are a few tips from StaySafeOnline.org and DPD to help you stay safe.

As an addition this year, the The National Cyber Security Alliance (NCSA), StaySafeOnline.org, and Data Privacy Day 2016 have included resources to assist victims of Domestic Violence. On this page, there are resources to assist individuals that have been or may still be at risk and would like to regain their personal information and an online presence.

SSL.com would like to wish everyone a safe and private 2016. Any questions or ways we can help you please contact us SSL.com.

SSL_com_logo

The Morris Worm

This week marks 26 years since the conviction of Robert Tappan Morris for releasing the first widely-reported computer worm. The “Morris Worm” (or, in those simpler days, just the “Internet Worm”) was supposed to silently replicate across and map the 60000 or so hosts then making up the pre-WWW internet.
360px-Morris_Worm

Due to some poor design decisions, Morris’ brainchild became instead the internet’s first widespread denial of service attack. The event led to the first conviction under the Computer Fraud and Abuse Act, the creation of the Computer Emergency Response Team (CERT) – and, of course, folk songs.

One of the requirements for the Morris Worm to spread? Weak and easily guessable passwords. Good thing that’s no longer the case, right?

Storm Jonas got you snowed in? Throw a brick of punch cards on the fire and settle back for a quick review of the security issues SSL.com’s been following this week.

(more…)

SSL_com_logo

Happy birthday, David Bowie!

Before there was, uh, whatever you kids are listening to, there was a kid from Brixton named David Robert Jones. He’s been in the music business for an eon or two – he started so long ago that he changed his name from Jones to Bowie to avoid confusion with one of the Monkees. (No, you look it up – we’re not goin’ there.)
bowie_brixton_tenner

Before there was Bitcoin, there were other alternative currencies, mostly local affairs like BerkShares, Ithica Dollars, and the Brixton Pound – the latter of which put Mr. Bowie’s face on their tenner as a tribute to a local boy made good.

Connection with digital security? Minimal at best!

Excuse for the Security Roundup to salute “the best-dressed Briton in history“? Taken!

Here’s some of what we’ve been following this week at SSL.com – enjoy!

(more…)

SSL_com_logo

It’s the end of 2015, and SSL.com’s End-of-Year Security Roundup takes a quick trot past some of the most interesting, dire and memorable occurrences in the field of information security of the past year. We certainly hope everyone has a very secure 2016 – but check back with us every Friday in 2016 to find out who didn’t.

2015 SECURITY ROUNDUP

January


PUBLIC WI-FI NETWORKS REALLY ARE INSECURE – A PROOF OF CONCEPT:
 Swedish Pirate Party member sets up open (and insecure) wi-fi network at security/defence conference, collects reams of data from hundreds who connect to it.


February


INSURANCE COMPANY HACK – ANTHEM EDITION:
 Some 80 million records accessed.

KAPERSKY DETAILS EQUATION GROUP: Elite state-sponsored cybersnoops related to Stuxnet and Duqu teams profiled by security researchers.


March


INSURANCE COMPANY HACK – PREMERA EDITION:
Medical and financial information for 11 million customers stolen.


April


WHITE HOUSE EMAIL HACK:
Russian black-hats read (nonclassified) Presidential email.

BACKRONYM ATTACKS MYSQL: Defeats SSL protection on most widely used flavors of popular database.


May


NETNANNY PRACTICES POOR SECURITY HYGENE:
Multiple profound flaws revealed in widely-used “family monitoring” software.

UBER PRACTICES REAL-TIME ENCRYPTION: As in, remotely accessing and encrypting their data during a raid by Canadian taxmen.


June


OPM – THE HACK KEEPS ON GIVING:
4 million 11 million 20 million current and former employees (and accredited journalists) compromised. (Bonus points: First round of victim notification only completed in December.)

GERMAN PARLIAMENT NETWORK COMPROMISED: Solution: complete shutdown and rebuild of entire network.

KASPERSKY HACK: In wake of Equation group expose, “Duqu 2.0” compromises security researcher’s own systems.


July


HACKING TEAM HACK:
Well-known, generally reviled hackers-for-hire hoist on cyber-petard.


August


ICANN CREDENTIAL HACK:
Master domain name organization has user profiles, email addresses and more compromised.

WHALING FOR DOLLARS: Ubiquiti wires $46 million and change to offshore accounts due to faked executive emails.


September


PENTAGON FOOD COURT HACK:
Worker bank data compromised, nuclear codes and recipe database secure.

INSURANCE COMPANY HACK – BLUECROSS/BLUESHIELD EDITION: Records for 10 million customers compromised.


October:


CIA DIRECTOR’s EMAIL HACKED:
John Brennan’s AOL account compromised (repeatedly) by teenage hacker.


November


DELL PULLS SUPERFISH 2.0:
 Computer manufacturer pulls a Lenovo, slips bad SSL certificate onto multiple machines.


December


VTECH AND MATTEL MAKE VERY INSECURE TOYS:
Hello Barbie and electronic toys made by VTech prove to have deeply troubling security flaws.

JUNIPER BACKDOOR WEDGED OPEN: Parties unknown find and exploit an existing, intentional security hole in Juniper devices.


As always, we appreciate your reading these words, and hope you have a terrific new year. And remember what we truly believe here at SSL.com – a safer internet is a better internet.