University SSL implementation found lacking
An important element of any website is the suite of defenses in place to keep it secure. The internet is home to canny criminals hoping to exploit any vulnerability they may find. Site owners and corporate entities can fight back against exploitation by purchasing security features such as a Thawte SSL certificate.
Some websites, however, remain at significant risk. A recent TechWeekEurope investigation uncovered security holes at several major universities, underlining the need for constant attention to user safety and partnerships with trustworthy SSL certificate providers.
Higher education weakness
TechWeekEurope reported that there are many institutions, including top colleges in the U.K., with weak security features defending their internet connections. The source stated that these deficiencies could allow attackers to seize control of accounts or simply lift user information to exploit the victim's other logins.
The source stated that many users with SSL functionality are still vulnerable because of poor configuration. The source reported that allowing connections with older, insecure protocols could put websites at risk. Unfortunately, researchers found that one-third of popular websites still have that vulnerability.
"According to our research statistics, a very large number of servers are deployed with insecure defaults that enable all protocols and cipher suites, even the weak ones. Even among the world’s most popular websites," SSL expert Ivan Ristic told the source.
Danger rates high
The BBC recently reported that online identity theft is on the rise. Citing data compiled by credit score firm Experian, the news provider stated that the process is now more widespread than ever but many consumers still have low awareness, not realizing they have been victimized until problems occur with a credit payment. The source stated that thieves have recently lifted personal information from high-profile sources such as Yahoo and the forums for Android and Nvidia.