What is SSL?

What is SSL?
the Basic Story about SSL


As more and more people get online, consumers are starting to look for safe ways to get their information. One of the ways is using SSL, a protocol for encrypting your data on your website.

Encrypting your data is a way for website owners and consumers to protect their information. Encryption is the process of turning information into code that can’t be read or understood by anyone except the intended recipients. It’s usually used when sensitive information (like credit card numbers) is transferred over the Internet.

If you want to create a secure website, then you have to know that SSL or also knows as SSL Certificates have become an essential part of the internet. It is not only about the security but also about branding and credibility. Before you can purchase an SSL Certificate with us, it is important to understand what this certificate actually does.

The internet is an unsafe place. SSL certificates play an important role in keeping user data safe and secure. SSL helps to prevent attackers from creating a fake version of the site, which could lead to phishing or other attacks to steal user information.

Now, if you don’t have an SSL certificate, your website may still function, but it will be vulnerable to hackers and Google will warn visitors that your website is not secure.

Where do you use SSL?


It’s usually used when sensitive information. You use SSL when you have websites that have:

      • Payment transactions such as credit card transactions.
      • Logins such as system login web forms.
      • Data Transfer such as file transfer.  

If there is any more to add, please do share it with me at the comment section. 

Why do you need to know the difference between HTTPS and HTTP?


Yes, the latter is without the “S” alphabet.

When you deploy SSLs to your websites, you would notice only https. If you go to any websites from established brands and companies, they would have https. It is very important for you to be aware about this.

Before diving deeper, it’s important to understand the difference between HyperText Transfer Protocol Secure (HTTPS) and HyperText Transfer Protocol (HTTP). HTTPS is the secure form of HTTP, and HTTPS websites are websites that have their traffic encrypted by SSL.

However, many users won’t notice the difference between an http:// and an https:// web address, but most browsers have started tagging HTTP sites as “not secure” in more noticeable ways, attempting to provide incentive for switching to HTTPS and increasing awareness.

What is SSL?


It is a security technology for establishing an encrypted link between a server and a client – typically a web server (website) and a browser (Chrome, Firefox etc) – in order to protect communication.

SSL certificates are vital to the security of website owners and consumers. It is an online security measure. It is a tool of standard for ensuring the data security are always untouched and undamaged.

When you have a website, the first step to securing your website is by installing an SSL certificate. All your URLs will need to be changed from HTTP to HTTPS in order for your server to communicate with it properly and that your user data, like login and financial information, is encrypted. This secure link ensures that all data transferred remains private

What is the difference between SSL and TLS?

Transport Layer Security (TLS) is the successor protocol to SSL. In another words, TLS evolved from Secure Sockets Layer (SSL),

In another words, Transport Layer Security (TLS) protocol is actually just an updated version of the Secure Sockets Layer (SSL) protocol. TLS fixes some security vulnerabilities in SSL.

The terms are used interchangeably. However, people are still preferring to utilize SSL and I have used SSL in this article too. Hope, it clears your confusion. 

That is all for now.

You may be interested:  A historic timeline of SSL to TLS

 

 

 


Why you should buy Kaspersky Endpoint Security Cloud for your workplace? One of the reasons is in this article

Why you should buy Kaspersky Endpoint Security Cloud for your workplace

This article discusses in brief about the effectiveness of Kaspersky Endpoint Security Cloud during a test conducted by AV-TEST.

Kaspersky Endpoint Security Cloud is one the many products by Kaspersky, a global security company founded in 1997. Other well-known products by Kaspersky are Kaspersky Antivirus and Kaspersky Internet Security.

If you ever decide to buy a good cyber-security program for you office, you can consider Kaspersky Endpoint Security Cloud as one of your options. Since we are also a Kaspersky Partner, you can reach us or snap up with us.

Now, if you think this article post is techy, don’t worry, as long you know that Kaspersky Endpoint Security Cloud is a good choice for your organization to protect from Ransomware attacks.

According to a recent assessment by AV-TEST, an independent research institute for IT security, Kaspersky Endpoint Security Cloud demonstrated 100% efficiency against ransomware attacks.

As a result of three different scenarios and 113 attack samples, the product didn’t lose a single user file and outran 10 different cybersecurity vendors. This is not just impressive protection for the workplace, but also an important safety net for consumers who are at risk of falling victim to these malicious attacks.

Over the last few years ransomware has grown as an industry, with plenty of malware families and gangs dedicated to it as well as attacks-as-a-service. Attacks-as-a-Service , Malware-as-a-Service and Fraud-as-a-Service are all terms commonly used for providing of illegal activities by cyber criminals.

In the second quarter of this year, almost 3,000 new ransomware variations were created and 97.000 users were attacked across the globe. This is about 6.000 more than in Q1 of this year according to Kaspersky’s research.

AV-TEST examined 11 endpoint protection platforms for three scenarios:

    • real-world ransomware attacks on user files stored in a local system,

    • real-world ransomware attacks on user files located in a remote shared folder, and

    • Proof of Concept of ransomware attacks on user files on a local system.

During the testing phase, it was expected that the products would identify, block & eliminate ransomware from your machine. The study included 25 different ransomware families, such as REvil, Ryuk, Conti, Lockbit, pysa, Ragnarlocker and Ransomexx. 14 proof of concept vulnerabilities were also presented for the test.

Source:  Kaspersky USA

Kaspersky Endpoint Security Cloud successfully protected all computers in all three test cases and did not encrypt any important data. Kaspersky Endpoint Security Cloud scored the highest protection rate across all products tested, proving its value for businesses against this type of attack. It was able to protect business data in an employee’s desktop.

Cybersecurity has become a challenge as technology continues to advance. With the constantly changing threat landscape, it is difficult to identify and stop attacks. Even if there are advanced monitoring systems in place, sophisticated attackers can spend up to 146 days in a system before being detected.

For more information about Kaspersky Endpoint Security Cloud, please call us at  012-3075896.

Jom beli “Domain Name” seperti NamaSyarikat.com dan lain-lain

 Beli Nama Domain(Domain Name)

Kami merupakan penjual nama domain (domain name) di Malaysia. Anda boleh membeli apa-apa jenis nama domain yang berhujung dengan .my khusus untuk kegunaan di Malaysia  seperti:
 

| .my | .com.my | .net.my | .org.my | edu.my | gov.my | .mil.my | . name.my |

Selain itu, anda juga boleh membeli apa-apa jenis nama domain untuk kegunaan yang tidak had hanya untuk Malaysia seperti:

| .com | .net| .org | .edu |

 
Untuk tujuan pendaftaran, kami memerlukan butir-butir seperti:
 
    1. Nama syarikat anda.
    2. Nama penuh anda.
    3. No telefon anda.
    4. Alamat penuh.

Kalau anda mempunyai apa-apa soalan, sila hubungi kami di 016 – 698 1391 atau 012 -3075896.

7 little tips that’ll make a big difference with your internet security

7 Internet Safety Tips

Please do not forget to share this to your loved ones.

Right away, you should install an anti virus or internet security. Get an anti virus or internet security from reputable brands such as Kaspersky.

A well known brand like Kaspersky is able to protect home & office environments. As a Kaspersky Partner , we can assure you that we provide original license only.

Visit our Shopee store for Kaspersky Anti Virus. 

The price:

      1. Kaspersky Anti Virus  for 1 Device  | 1 Year |   RM39.
      2. Kaspersky Anti Virus  for 3 Device | 1 Year |   RM109.
      3. Kaspersky Anti Virus  for 5 Device | 1 Year |   RM129.

Visit our Shopee store for Kaspersky Internet Security

The price:

      1. Kaspersky Internet Security  for 1 Device  | 1 Year |   RM99.
      2. Kaspersky Internet Security  for 3 Device | 1 Year |   RM139.
      3. Kaspersky Internet Security  for 5 Device | 1 Year |   RM179.

Visit our Shopee store for Kaspersky Total Security.

The price:

      1. KasperskyTotal Security  for 1 Device  | 1 Year |   RM109.
      2. Kaspersky Total Security  for 3 Device | 1 Year |   RM199.

All products are non-returnable and non-refundable and  licenses are not for sale and activation outside Malaysia.

Contact us @012 – 307 5896 or send email to sales@dukudanlangsat.com to buy from us.

For USA licenses, visit:
Kaspersky Anti-Virus 2021

Read also:

5 things about online learning tips for teachers

5 Online Learning Tips for Teachers

Online Learning Tips Infographic

If you need an online classroom platform, you can contact us at +60123075896 or send us an an enquiry using the form below.

The setup of Phishing websites before OSCARS 2021

Phishing Scam in Oscars 2021

This article is written by Kaspersky SEA.

On April 25th, the world  experienced the long awaited 93rd Academy Awards, also known as the Oscars 2021. With all the restrictions driven by coronavirus, the organizers were looking to make the virtual ceremony as thrilling as possible. And while the ceremony travels around the globe, in the online world, fraudsters are set to take full advantage the interest by spreading malicious files disguised as the best picture nominees.

Phishing Websites behind The OSCARS

In the hope of watching an Oscar-nominated movie, users visited a site where they were shown the first few minutes of the film before being asked to register to continue watching. During the registration, to confirm their region of residence, the victim was asked to enter their bank card details. After some time, money was debited from the card, and as expected, the film did not continue to play. This type of phishing is wide spread and considered to be one of the most popular among scammers. 

Phishing is Scam

Kaspersky experts have found various phishing websites offering to stream Oscar-nominated movies for free before the presentation of the awards, but these end up stealing users’ credentials. We have also analyzed malicious files behind 2021’s Oscar nominees. As a result, the company’s researchers have found around 80 files mimicking the movies up for Best Picture.

Analyzing the malware detected during the past year, Kaspersky experts found that almost 70% of malicious files are only disguised as three movies: Promising Young Woman, Judas and the Black Messiah, and the Trial of the Chicago 7. Biographical drama Judas and the Black Messiah was the most used source to spread malicious files –malware related to this film takes 26% out of the total infected files. 

“Cybercriminals have always tried to monetize users’ interest in various sources of entertainment, including movies. We see that big events in the film industry can boost some interest from the cybercriminal community, but today this type of malicious activity is not as popular as it used to be. Nowadays, more and more people are switching to streaming services, which are more secure because they do not require downloading files. Still, films serve as a popular lure to spread phishing pages and spam emails. These attacks are preventable, and users should be alert to the sites they visit,” comments Anton V. Ivanov, who is a security expert at Kaspersky

To avoid falling victim to a malicious programs and scam, Kaspersky advises users to:

      1. Check the authenticity of websites before entering personal data and only use official webpages to watch or download movies. Double-check URL formats and company name spellings.
      2. Pay attention to the extensions of the files that you are downloading. A video file will never have an .exe or .msi extension.
      3. Use a reliable security solution, such as Kaspersky Total Security  that identify malicious attachments and blocks phishing sites.
      4. Avoid links promising early viewings of content, and if you have any doubts about the authenticity of content check it with your entertainment provider.

The few benefits of Digital Signatures that I can share with you

The 7 benefits of Digital Signatures

Electronic Signatures

Before electronic signatures were legally recognized, the usual activities for  all paper-based agreements or contracts had to be:

      • signed with handwritten signature,
      • mailed or
      • emailed, faxed, or scanned,
      • and filed.

Obviously, this requires several steps making it time consuming, costly and can be replaced in favor of electronic signatures or the subset of it known as Digital Signatures.

Digital signature is a type of electronic signature. Both digital signatures and other electronic signature solutions allow you to sign documents and authenticate the signer.

However, digital signatures provide an encryption known as Public Key Infrastructure(PKI). The encryption provided is added as a layer of security. Another way of saying, if your document is encrypted then no one else would be able to read it unless given permission.

Most importantly, this encryption is globally recognized and legally accepted. This is the key difference between digital signatures and other electronic signatures solutions.

So, if you are looking for e-signature solutions, I would suggest you to take on digital signature. Below are the 7 benefits of digital signatures.

1. It  is useful for audit trail purposes


An audit trail is defined as a step-by-step record or log system which is a collection of the documented history of transactions – right from the beginning of a document when signed together with timestamp – time & date are recorded.

This would ensure the signed document can’t be denied by the signer after the transaction has been completed.

If you have lots of documents to be signed every day, imagine the hassles that you would save if you ever needed to backtrack for purpose of integrity of the information.

2. It is legally accepted in Malaysia.

Please watch the video on Digital Signature Act 1997.

Digital signatures are legally accepted in many parts of the world. In Malaysia there is Digital Signature Act 1997(“DSA”) which governs the usage of digital signatures. It was followed later by the Electronic Commerce Act 2006 (“ECA”).

The Malaysian Communications and Multimedia Commission (MCMC) is responsible to administer, enforce, carry out and give effect to the provisions under DSA 1997 for the purpose of monitoring and overseeing the activities of Certificate Authorities(CAs).

3. It brings time efficiencY.

Digital Signatures h

Comparatively, in a manual process to get a signer to sign a document, you can also use digital signatures platform. By using this digital platform, you alleviate the usual and sometimes lengthy process of manually signing documents, managing it and later store it in a physical space.

Digital Signatures allow you to turn this process – sometimes days or even weeks into minutes or few days.

4. It is extremely cost-effective

Digital Signatures are Cost Effective

 When you use Digital Signatures, you can see an improvement in cost saving due to the less usage of:

  • paper,
  • ink,
  • printers and
  • other related maintenance costs including the physical space to store the documents which could be used for other purposes.
5. It provides a good security policy and mechanism

Digital Signatures & Encryption

 It eliminates the chances of physical records going missing or being destroyed. The basis for document signing, it is the action of adding a “trusted digital signature” to a document.

It generates tamper seal to alert the receiver in case of any unauthorized edits are discovered. As a result, it eliminates the risk of forgery because it is backed by high level of encryption.

Another benefit is when a digital signature is added, digital certificate is created with time stamping elements which ensure the signed documents are protected even after the digital certificate expires.

6. Workflow efficiency

Digital Signature & Workflow Efficiency

Managing and tracking documents is easier and faster. Processes that use to take months from the time a document is requested until it is received can be done in considerably less time.

You can even have any agreements or contracts signed as soon as possible. This would promote efficiency in the workflow.

This in particular will help organizations or businesses who have employees working from home to use digital signature solutions to alleviate unnecessary risks.

7. PHYSICAL SPACE SAVING

It is a space saving in the sense that you do not have get a space for storage of transacted documents. Everything now is located on the server which you can access it from anywhere and at the time of your convenience.

Perhaps, sometimes you need to get to office just to get the copy of documents after working hours or in weekends, imagine what you can do with few clicks from your comfort of home or if you are travelling, you can access to the documents.


Contact us @012-3075896  to learn more our digital signature products


Microsoft was also breached in recent SolarWinds(software company) hack

This is a news summary of Microsoft confirms it was also breached in recent SolarWinds supply chain hack from ZDNet.com, published on 17 December 2020.

This is related to a previous news of U.S. Government Hacked!

Cyber Attack

The state-sponsored attack on SolarWinds has also broke into Microsoft’s internal network and what is even stumbling is Microsoft’s own products are used to further attack against others companies as well, Reuters reported.

This news came after US Cybersecurity and Infrastructure Agency (CISA) had published an alert on the SolarWinds supply chain attack and its impact on government agencies, critical infrastructure entities, and private sector organizations.

You can read the about the alert here: CISA Alert.

CISA mentioned that “evidence of additional initial access vectors, other than the SolarWinds Orion platform.”

2 reportings from Reuters about Microsoft hack did not bring up what Microsoft products are affected by the attack.

The Microsoft’s unedited statement is:

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”

As of the time of this news published, most of these victims are US government agencies and the only private company is cybersecurity firm FireEye.

As per article, both FireEye and Microsoft provided extensive reports of how the breach happened and involved in an operation to sinkhole the domain avsvmcloud[.]com used in the SolarWinds hack.