APIs – friend or foe?

APIs are everywhere in modern day life. We rely on them to access services on mobiles, tablets and laptops. Without them our day-to-day life wouldn’t be the same. Yet they are also increasing the attack surface. Are they really a friend to e-commerce or to cybercrime?

e-Commerce’s friend
APIs are not new. They’ve been around a long time. APIs are key to building scalable web-based applications as they allow and manage the interaction between 2 online connected services.

Does the security auditor have a point?

On a recent flight, I was sat next to a security auditor. He asked “can someone steal keys used to encrypt credit cards from the server memory?” It depends, was my reply. But his question left me wondering. Why hasn’t anyone built a server side white box implementation?

Why does it depend?
Like any implementation, some are more secure than others. If the server side code was using ‘standard cryptographic APIs’ and they were black box implementations then

Bringing trust back into the relationship

Browser security isn’t a new problem. Apple, Google, Microsoft and Mozilla have put a huge amount of effort into enabling consumers to have a secure browsing experience. But who’s thinking about the web site operators and their secure browsing experience?

Trust online
Internet trust is dependent on certification authorities; with TLS/SSL being the most commonly used technology for securing electronic commerce transactions online. It’s all about enabling the consumer to access web services and be reasonably confident they know who they are talking to.

Hacking is only 1 threat – litigation looms large

There’s no doubt about it, cyber-attacks are increasing. A consequence of this is a rise in cybersecurity litigation. Interestingly, that litigation may not necessarily be directed against the cybercriminals. Instead, it is likely to be another threat that the breached company has to deal with.

Gaining momentum
Just as cyber-attacks are generating publicity, so too are the subsequent litigation activities. What makes them newsworthy seems to be the dollar amount.

Is the next-generation white box cryptography the new Jedi?

In Star Wars: The Force Awakens, the sinister First Order dominates the galaxy, with only a small band of trusted resistance fighters left. What’s the link to today’s software world you may ask? It all comes down to the power of cryptography to defeat the dark side.

In this software controlled world the need for software protection is unavoidable. This protection extends to all aspects of day-to-day life. It could be securing your credit card details when shopping on line or a business safeguarding a remote network connection to even protecting premium content such as a blockbuster movie.

Cyber-attacks: it’s no longer if but when

The Internet has transformed how businesses operate today. Never before has so much been done online. The dark side to this connectivity is that the threat of cybercrime is increasing and becoming more professional. It’s no longer a case of if you will fall victim to a cyber-attack but when. Are you ready?

No business is immune
It’s not just Irdeto’s cyber-services team which is witnessing a growing concern about cyber-attack threats.

When hacking turns bad

What if I told you the Internet was built by hackers or that Facebook’s Mark Zuckerberg has been called a hacker. Would you believe me? To fully understand the hacking threat, first we should know more about the hacking mind.

The hacking mind
Although predominately associated with the online world the hacking mindset is not limited to those in the computer field. The characteristics can be equally found in the world of art or science.

Are you causing a crack in the corporate IT’s ‘egg-shell’ security?

Many of us work for organizations with an established corporate IT department. IT determines the security policies; sets the protocols, permissions and instructs employees on the best practice. Given the cyber risks that organizations now face is ‘egg-shell’ security enough?

Some of you may remember Bob from my previous post. Let’s continue to see what Bob is doing to explore how safe corporate IT really is.

The DarkNet and its role in online piracy

Thanks to the highly publicized sentencing of Ross Ulbricht, founder of the online blackmarket place – Silk Road, the general awareness of the DarkNet is increasing. Yet, the importance of the DarkNet to our customers isn’t about supply of illegal drugs or fake passports; it is its growing role in evolving online piracy.

What’s what?
Before diving into the detail of the emerging trends that we’re seeing, let’s start by putting things into context.