Site24x7 Disabling SSLv3 by 30th November 2014

Posted on by
0

You must have recently read about version 3 of Secure Sockets Layer (SSLv3) being vulnerable at the protocol level, many news sources and the OpenSSL team has confirmed this vulnerability.

The Security Flaw

POODLE (Padding Oracle On Downgraded Legacy Encryption) allows an attacker to read information encrypted with this version (SSLv3) of the protocol in plain text using a man-in-the-middle attack.

Man-In-The-Middle Attack

An attacker could downgrade an encrypted TLS session forcing clients to use SSLv3 and then force the browser to execute malicious code. This code sends several requests to a target HTTPS website, where cookies are sent automatically if a previous authenticated session exists. Th


Site24x7 Scare-to-Win Halloween Contest

Posted on by
0

Its that time of the year again when we are all geared up to to celebrate Halloween with the usual trick-or-treating, carving pumpkins into jack-o’-lanterns and attending costume parties. Well, this year Site24x7 doubles your Halloween celebrations.  Participate in the Site24x7 Scare-to-Win Halloween contest on Twitter and walk away with a shiny new Pebble Steel smartwatch.

halloween-blog-img

All you have to do is, just take a pic of your scariest best and tweet it with the hash tag – #Site24x7Halloween. The pic receiving the most favorites or re-tweets will take home the grand prize.

Terms & Conditions for the Halloween Contest:

  • Contest is open to public including Site24x7 users from October 31st &#8211


Mobile monitoring versus Web Monitoring

Posted on by
0

There is no question that mobile is exploding. Just to give you some quick data points, a record 21% of all online 2013 Thanksgiving shopping came via mobile devices (Source: IBM), mobile commerce will be nearly half of e-commerce by 2018 (Source: Goldman Sachs), and mobile apps will generate $77 billion in revenue by 2017 (Source: Gartner).

network

Today mobile users are visiting your Web or mobile sites and they engage with your brand via your mobile apps, while more employees and partners increasingly rely on enterprise mobile applications (ERP, CRM, HR portals…) to get their work done. Yet don’t be mistaken. If you are only monitoring your Web applications, you are exposing your organization to risk, be…


Before Implementing an API, Consider These Risks

Posted on by
0

As businesses continue to place an increased reliance on cloud technologies, many services are implementing application programming interfaces (APIs) into their systems as a way to extend the functionality of their systems.  One of the great things about software is that it allows companies to expand the power of their code by allowing third-parties to leverage their platforms. Whether you run a collaboration platform, productivity suite or a database of product reviews, creating an API for your platform allows you to put the data to a better purpose.

By leveraging an API, customers can access crucial assets in a self-service way, helping to reduce internal development costs and allow even small devel…


What Shellshock Means for Datacenter Professionals?

Posted on by

Keeping your servers protected against major threats is a significant challenge for even the most experienced server administrators. While the heartbleed bug recently sparked waves in the information technology field, a new exploit recently was discovered which is far more devastating. Shellshock, a vulnerability in the Bash command interpreter and parser, which is now allowing attackers to run commands on affected servers even without proper authorization.

bash_security

For those unfamiliar with shellshock, the problem occurs when the characters “{ :;};” are included as the function definition. Once that code is entered, any code after that point is executed. A more familiar term for this is, “…