Let’s Encrypt Free Certificates for all Webhosting users
Let’s Encrypt is a free, automated and open Certification Authority. The objective of Let’s Encrypt and the ACME protocol is to make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate, without any human intervention. This is accomplished by running a certificate management agent on the web server.
Plesk plugin is installed by default on all subscriptions, you just need to enable it if you like to use SSL certificate to protect your web site.
Creating SSL Certificates with Let’s Encrypt
To create your SSL Certificate just logon in your Webhosting portal, click on domain you like to create SSL certificates then click on related icon like show below:
If you still don’t have a Webhosting service you can access to Webhosting demo.
HTTPS and SEO
Once again Google dictates the rules to comply with so as not to see its site “penalized” compared to others. We are not talking about the classic penalties already explained in this section .. but we can talk about “positioning factor” as evidenced by one of the first statements provided by Google in 2014: “Https as a positioning factor”.
Starting from January 2017, to help users browse the web safely, Google Chrome will indicate as “NOT SECURE” all those pages that collect passwords or credit cards.
Unlike other positioning factors, implementing an SSL certificate involves difficulties, risks and costs.
- Procedural Security Analysis – Thank you for contacting us!
- Zombie phishing: beware of emails, it could be zombies
- Social engineering: how hackers scam their victims
- What is phishing? Understanding and identifying social engineering attacks
- Avoid Ransomware: That’s why it’s best not to take any risks
- Double extortion ransomware: What they are and how to defend yourself
- Zero-Day attack: what they are and how to defend yourself with SOCaaS
- Monitoring system, an overview
- Backup as a Service (2)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (20)
- Conferenza Cloud (4)
- ICT Monitoring (4)
- Log Management (2)
- News (17)
- ownCloud (4)
- Privacy (6)
- Secure Online Desktop (14)
- Security (6)
- Web Hosting (12)
- Kia Denies Ransomware Attack as IT Outage Continues February 19, 2021Kia Motors America states there is no evidence its recent systems outage was caused by a ransomware attack.
- Attackers Already Targeting Apple's M1 Chip with Custom Malware February 19, 2021A proof-of-concept program infects systems with ARM64-compiled binaries and then reaches out to download additional functionality.
- Omdia's On-Demand Webinars February 19, 2021
- How to Fine-Tune Vendor Risk Management in a Virtual World February 19, 2021Without on-site audits, many organizations lack their usual visibility to assess risk factors and validate contracts and SLA with providers.
- Microsoft Concludes Internal Investigation into Solorigate Breach February 18, 2021The software giant found no evidence that attackers gained extensive access to services or customer data.
- CrowdStrike Buys Log Management Startup Humio for $400M February 18, 2021CrowdStrike plans to use Humio's technology to continue building out its extended detection and response platform.
- Apple Offers Closer Look at Its Platform Security Technologies, Features February 18, 2021In a nearly 200-page document, company offers a detailed overview of Secure Enclave and multiple other security controls in Apple silicon-based Macs and other platforms.
- Microsoft Azure Front Door Gets a Security Upgrade February 18, 2021New SKUs in Standard and Premium preview beef up the security of the content delivery network platform.
- Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy February 18, 2021Multilayered infiltration involved custom malicious tooling, backdoors, and cloaked code, far beyond the skills of script kiddies.
- Data Security Accountability in an Age of Regular Breaches February 18, 2021As the number of vendors impacted by supply chain breaches grows, one constant question remains: Where exactly does accountability for data security lie, and what part do end users play in their own data breach protection?
- [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability February 20, 2021Posted by research on Feb 19-------------------------------------------------------------- docsify
- Backdoor.Win32.Bionet.10 / Anonymous Logon February 19, 2021Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bionet.10 Vulnerability: Anonymous Logon Description: The backdoor listens on TCP port 12348 and allows anonymous logon credentials to be used to access an infected host. Type: PE32 MD5: be559307f5cd055f123a637b1135c8d3 Vuln ID:...
- Backdoor.Win32.DarkKomet.apcc / Insecure Permissions February 19, 2021Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.apcc Vulnerability: Insecure Permissions Description: DarkKomet.apcc creates an insecure directory under c:\ drive granting change (C) permissions to the authenticated user group and drops an EXE named...
- Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions February 19, 2021Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh creates a hidden insecure directory under c:\ drive granting change (C) permissions to the authenticated user group. The backdoor also drops an EXE named...
- Multiple remote memory corruptions in Telegram's handling of animated stickers February 19, 2021Posted by polict of Shielder on Feb 19I have recently found and reported 13 memory corruptions to Telegram (https://telegram.org), you can find the just-published technical blog post at https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ and advisories at https://www.shielder.it/advisories/ The vulnerable official clients for android, ios and macos have already been patched on september 30 and october 2, have a look […]
- [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces February 19, 2021Posted by Certitude - Advisories on Feb 19~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ Ceritude Securiy Advisory - CSA-2021-001 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ PRODUCT […]
- Backdoor.Win32.Agent.aak / Remote Buffer Overflow February 19, 2021Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_C.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Remote Buffer Overflow Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080 and accepts HTTP POST requests, by sending a specially crafted HTTP HEAD request payload […]
- Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution February 19, 2021Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Cross Site Request Forgery (CSRF) - Code Execution Description: Backdoor HTTP server HBKDR v0.3 executes commands on the infected host using an HTML form with POST method. The HTML […]
- Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials February 19, 2021Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Weak Hardcoded Credentials Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080 and accepts HTTP POST requests in order to execute commands on the infected system. […]
- Rigged Race Against Firejail for Local Root: Using pipes/ptys to win races February 19, 2021Posted by Roman Fiedler on Feb 18Hello List, 100% reliable exploitation of file system time races (TOCTOU vulnerabilities) may be hard as the timing depends on numerous target system parameters (CPU cores, load, memory pressure, file system type, ...). Instead of optimizing the exploit to win the real race, the timing of Firejail stderr and […]
Analisi di Sicurezza Procedurale Verifica che le operazioni in azienda rispettino gli standard imposti per il trat… https://t.co/HYs4UsX3mP
VPN Aziendali connessioni protette sempre e dovunque Gran parte del lavoro ormai passa per la rete,la sicurezza dev… https://t.co/ZreMXSsS17
Ultimamente ci sono stati casi critici di ransomware degni di nota. L’Universita' Tor Vergata ha subito un attacco… https://t.co/oHVilx0VXx
There have been critical cases of ransomware of note lately. Tor Vergata University suffered an attack that knocked… https://t.co/FQYuyKdAv6
2020 turned out to be a complicated year in many ways. Covid-19 has hit the whole world hard, with significant repe… https://t.co/a0GyChY2H1