Krebs – Half of all Phishing Sites Now Have the Padlock

This is an important topic presented by Mr. Krebs.  We have conditioned ourselves and our end users to see the little lock next to an address as an “all clear” sign.  That is no longer the case.  SSL is becoming truly ubiquitous.  We have to look beyond the lock and we have to educate about what certificates are and how they work and what to verify and consider.

https://krebsonsecurity.com/2018/11/half-of-all-phishing-sites-now-have-the-padlock/

A Third of All HTTPS Websites Are Vulnerable to the DROWN Attack

This is a very serious vulnerability that should be addressed on all applicable web servers.  Please see the following links for more information.

http://news.softpedia.com/news/a-third-of-all-https-websites-are-vulnerable-to-the-drown-attack-501202.shtml

https://drownattack.com/