Security

Securing a server: correctly configuring Linux, etc.

If you operate or rent your own server, it is your responsibility to protect it against failures and external access. You can immediately begin to set the foundation for this when configuring the server, if you have the necessary administrative rights. The correct settings can work wonders, especially with encrypted remote connections via SSH protocol, and greatly increase security. [...]  

Content Security Policy: how websites are becoming safer

Websites can be full of security risks, especially when it comes to active content like JavaScript. Cross-site scripting enables cyber criminals to modify this content for their own purposes. This is dangerous for website operators and especially for internet users. The Content Security Policy tries to reduce this risk. Learn what’s behind the security standard and how it works. [...]  

Click fraud: how to out fraudulent clicks

Every year, click fraud costs the advertising industry billions. An increasing amount of advertising operators have to deal with the fact that their ads often don’t reach their intended targets due to artificially generated clicks through the likes of link farms or bot nets that seek to deplete advertising budgets. We take a closer look at the topic of click fraud and show you some counter measures that you can take. [...]  

Sign e-mails with a digital signature

Spam e-mails may be annoying, but they’re mostly harmless. What’s more problematic is phishing – a technique whereby fraudsters try to con you by posing as trustworthy sender addresses in an attempt to get hold of sensitive data. These messages appear genuine too, because without a digital signature, it’s very easy to assume a trusted identity online. In order to protect customers and their own reputations, businesses operating online should be fully aware of the importance of electronic signatures. Find out more about how they function here. [...]  

Tips for better website security

Would you leave your window open at night if you knew there were intruders lurking about? Obviously the answer to this question is ‘no’. Many companies and individuals leave their virtual window open to cyber criminals by not adequately protecting their websites. Website security is an extremely important topic. Only by regularly carrying out security checks and following the proper precautions can you be sure that your data stays out of the hands of criminals. [...]  

HPKP: The security feature for SSL/TLS certification

SSL/TLS certificates play an increasingly important role in the transmission of sensitive data. They guarantee that data packets reach the desired addressee without any detours. Problems only arise when internet users are deliberately redirected by invalid certificates from dubious certification bodies – a scenario that can be prevented using so-called HTTP public key pinning (HPKP). [...]  

Browser fingerprints: tracking without cookies

In recent years, so-called browser fingerprinting has established itself as a tracking method that doesn’t rely on the use of cookies. Web servers capture different characteristics from visitors’ browsers and determine their digital fingerprint based on them. They enable visitors to be recognized at a later date. While some information is automatically transmitted, it is mainly active elements such as Flash animations or JavaScript applications that provide crucial information. [...]  

Social engineering – the security gap at ‘layer 8’

The most effective system break-ins often happen without a scene. Instead of disrupting central network devices with DDoS attacks or sneaking through onto operating systems with Trojan horse techniques, hackers increasingly try to exploit the human security gap. There are various such methods that fall within the broader category of social engineering: a technique that sees hackers gather publicly available information. They then use it to attempt to trick company employees by exploiting their normal human traits, such as helpfulness or fear in order to obtain privileged information and passwords. Find out how social engineering works, and what you can do to prevent it. [...]  

What is cybersecurity? The current dangers

More and more dangers are creeping into the digital world. So it is no surprise that the issue of cybersecurity is gaining more and more weight and is taking a leading role in the fight against cybercrime. But how can you protect yourself from dangers on the network? And what is the current state in the US? We provide you with an overview of this.  [...]  

SSL stripping – how to protect your web project

Data transmission via SSL/TLS is one of the most effective means to give a web project more security. Even before packets are sent, powerful algorithms ensure the encryption of the information. If third parties capture the data on the transmission path, the true content remains hidden from them. However, it becomes problematic if attackers are active with their tools, even before the encryption process has begun. This is the case with so called SSL stripping. [...]