Connected objects: unavoidable in DDoS attacks?

  Nowadays consumers use and are around connected objects. The Internet of Things (IoT) includes all connected objects like a connected refrigerator, captor, light bulb, security camera, router or even a thermostat control. Their common point? To have an IP address and to be connected to communicate. According to the American company Gartner, connected objects will reach 20.5 billion units by 2020. We will face an impressive growth of IoT in the years to come. China, North America and West... Read More

Let’s talk about DNSSEC

DNSSEC has taken shape, and has become essential in security process recommended by ANSSI as well as the web in general. And yet, it’s a barbaric term that is often scary as we don’t know how it works and what it’s used for. This article will focus on clarifying this term. The Domain Name System Security Extensions is a standardized protocol of communication allowing to resolve security problems related to DNS. We will begin by a reminder of what is the DNS. What is the DNS? S... Read More

Towards a 100% encrypted web, the new challenges of HTTPS

Between Mars, 2016 and Mars, 2017, Let’s Encrypt has issued 15 270 SSL certificates containing “PayPal” term, 14 766 of these certificates were issued for domains leading to phishing websites. It’s the result of the recent analysis led by Vincent Lynch, SSL expert.     Lynch was closely interested in this case, after an interesting article published by Eric Lawrence (Google Chrome Security Team) in January 2017, the image above is from this article named “Certified Malice “which expos... Read More

HTTPS and SSL: Google continues its offensive

Chrome 53 launched on 31 August 2016 and with it Google is continuing its offensive for a safer internet. With its Chrome navigator, Google signals even more clearly when as site does not use httpS on its landing page. And the version to come will continue in this vein barring purely and simply HTTP with a Red cross. This  ‘ugly defacement’ will be difficult to accept on corporate websites, in particular well-known brands. Firefox has already announced a similar measure. Add to that the httpS... Read More