Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Half of Britain's financial institutions are using weak SSL certificates

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

January 5, 2016

According to a new report produced by Xiphos Security Research, about fifty-one percent of Britain's high street financial institutions are currently using weak SSL certificates on their user authentication login pages.

This new revelation is shocking in light of similar weak login portals at other banks and financial institutions, not just in the United Kingdom but abroad as well.

A recent assessment published yesterday of more than 84,000 U.K. and foreign-owned banking institutions in November 2015 by the international information security firm revealed that more than 50 percent were running SSL certificates that could expose their customers data to unwarranted risks.

Various issues identified included SSL certificate instances that may be vulnerable to well-documented attacks, such as CRIME and POODLE, as well as other similar cryptographic flaws.

At least for now, Xiphos S.R. isn't naming the affected banking organizations but its findings are nonetheless credible since individual instances of banks and financial institutions failing to update their portals in the weeks after serious crypto flaws (such as POODLE) are well documented.

Xiphos may not have been able to contact many of the impacted organizations just yet, a factor that led it to avoiding naming names. But that could change soon since this is a growing problem that needs to be addressed.

In various cases where it couldn’t contact organizations directly, it passed on its findings via the Financial Conduct Authority and NCA (National Crime Agency).

Source: Xiphos Security Research.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer