Encryption

Sign e-mails with a digital signature

Spam e-mails may be annoying, but they’re mostly harmless. What’s more problematic is phishing – a technique whereby fraudsters try to con you by posing as trustworthy sender addresses in an attempt to get hold of sensitive data. These messages appear genuine too, because without a digital signature, it’s very easy to assume a trusted identity online. In order to protect customers and their own...

How to Protect Access to your Cloud

In the digital age, we are increasingly resorting to cloud services: At work, people collaborate on projects together in the cloud, and in their free time, they share photos from their last vacation. At the same time, cloud storage is by no means free from security risks. The multi-cloud environments of larger companies, in particular, are becoming a challenge for cloud security. Here, we will...

How to recognize and remove malware

Practically every PC user fears Trojan horses and computer viruses. Security is paramount if you are managing sensitive data or setting up a server. You need a comprehensive security concept to protect yourself against insidious malware. It’s helpful to know the different types of malicious software that exist, and how to combat and safely remove them.

Encryption methods: An overview

E-mail, instant messaging, or voice-over IP: If you want to communicate over the internet, you should make sure that the data transfer process can be trusted. The same goes for the World Wide Web. With online banking and digital shopping, money transactions are increasingly being carried out online. Popular encryption methods like DES, AES, or RSA should guarantee the security of passwords, credit...

HSTS: Reliably secure your HTTPS connections

HTTPS, the network protocol for TLS-encrypted data transfer online can be circumvented in some cases. The danger is that encrypted websites can be accessed via unencrypted HTTP. But the HTTPS extension HSTS (HTTP Strict Transport Security) forces website access via TLS encryption, closing the security gaps that hackers like to use to intercept the HTTPS connection during transport using...

IP Spoofing: Fundamentals and counter-measures

Sending data over networks is one of the most important and highest utilized functions of the modern computer era. But the structure of the necessary TCP/IP connections makes it all too easy for criminals to intercept data packets along their way and either view or alter their contents. One of the most common methods of attack is IP spoofing, which allows DoS and DDoS attacks, among other things...

What is a VPN (virtual private network)?

VPN implementations offer an affordable alternative for locally connecting networks, as well as making network resources available for external devices. In contrast to corporate networks, no private communication network is required. Instead, like the internet, VPNs rely on networks, and protect sensitive data through a process known as tunneling.

QUIC – the Internet Transport Protocol based on UDP

Quick UDP Internet Connections (QUIC for short), is an experimental network protocol from Google. Further development of the protocol is being driven by IETF, which has set up a dedicated group working towards it. The QUIC protocol is intended to offer a speed-optimized alternative to the current transport standard TCP and builds on the connectionless protocol UDP to achieve this.

S/MIME: the standard method for e-mail encryption

If you send an e-mail without additional security measures, it’s like sending a postcard: if everything goes as planned, the information should arrive unchanged and unread in the recipient’s inbox. However, if someone intercepts the card or the e-mail in transit, they can read the contents without any problem and make as many changes as possible. Just like you would use an opaque envelope to...

HTTPoxy: Behind the CGI vulnerability

Fifteen years after the discovery of the security flaw HTTPoxy, it’s still an issue with CGI applications. The reason for this is the fact that the Common Gateway Interface standard provides the use of environment variables to process HTTP requests. These can include header contents that modify the original proxy configuration, allowing hackers to redirect data packets to a completely foreign...