Cloudera, AlienVault, and CA – Business Security Weekly #96

Join Paul, Doug White, and Todd to talk about Security Innovation that includes: AlienVault, Cloudera, Splunk, Fortinet, CA and more! Full Show Notes Visit http://securityweekly.com/category/ssw for all the latest episodes! Hosts
The post Cloudera, Ali… Continue reading Cloudera, AlienVault, and CA – Business Security Weekly #96

HTTPS: why the green padlock is not enough

Cheap hosting deals offering free certificates have made the green padlock a less convincing sign of security. Here’s what to look for to ensure a website is safe to visit.
Categories:

101
FYI

Tags: cacertificatesextended validationgreen padloc… Continue reading HTTPS: why the green padlock is not enough

Cisco, Tufin, Infocyte, & ObserveIT – Enterprise Security Weekly #87

In the news this week, Product announcements from Infoblox, Infocyte, ObserveIT, ThreatQuotient, Cisco and Tufin. Symantec could be in hot water, and CA and Palo Alto both made a recent acquisition, and more on this episode of Enterprise Security Weekl… Continue reading Cisco, Tufin, Infocyte, & ObserveIT – Enterprise Security Weekly #87

Look-Alike Domains and Visual Confusion

How good are you at telling the difference between domain names you know and trust and imposter or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well as which browser or Web application you’re using.

For example, how does your browser interpret the following domain? I’ll give you a hint: Despite appearances, it is most certainly not the actual domain for software firm CA Technologies (formerly Computer Associates Intl Inc.), which owns the original ca.com domain name:

https://www.са.com/

Go ahead and click on the link above or cut-and-paste it into a browser address bar. If you’re using Google Chrome, Apple’s Safari, or some recent version of Microsoft’s Internet Explorer or Edge browsers, you should notice that the address converts to “xn--80a7a.com.” This is called “punycode,” and it allows browsers to render domains with non-Latin alphabets like Cyrillic and Ukrainian.

Below is what it looks like in Edge on Windows 10; Google Chrome renders it much the same way. Notice what’s in the address bar (ignore the “fake site” and “Welcome to…” text, which was added as a courtesy by the person who registered this domain): Continue reading Look-Alike Domains and Visual Confusion