A number of companies were exposed for not encrypting sensitive information on their mobile apps, including credit card data! Meanwhile, a possible early termination of SHA-1 could lead to a lack of access on certain websites. To hear more, just click play!
IT Rewind Featured Stories:
Did our short segment leave you wanting more? Check out the original articles of stories we covered!
, Jeremy Kirk, @
Continuum's Must-Read Blog Post This Week
I receive a number of sales emails and correspondence throughout any given week. Some pique my interest, some I just brush off and ignore. But I received one the other day that was just plain BAD!
Upon first glance, the email copy may not seem as horrendous. Below, however, I share and dissect the message to show MSPs how NOT to write a sales email and provide tips for your next prospect send!
What Else Is New in the IT Channel?
Now that you've seen our top picks for this week, here are some more stories that made the headlines. Have a suggestion for a story that we should cover next week? Let us know by commenting below or tweeting @FollowContinuum or @BenDBarker!
Credit card security:
Tender Armor Adding New Layer of Security to Credit Card Transactions
eWeek, @, Sean Michael Kerner
Security stories to watch:
IT Security Stories to Watch: Target, Banks Agree to Breach Settlement
MSPmentor, @, Dan Kobialka, @
Taking down Dorkbot:
Microsoft, Law Enforcement Collaborate in Dorkbot Takedown
Threatpost, @, Chris Brook
Hello everyone and welcome to this week’s edition of IT Rewind. Today, we look into a number of companies that weren’t encrypting payment information on their mobile apps, and why millions of users may be blocked from encrypted websites. You’ll hear more about these stories right now on IT Rewind!
A recent discovery by Wandera, a cloud and mobile security vendor, has left a number of companies scrambling to fix encryption issues within their mobile apps. 16 companies were ousted by the Wandera blog after it was discovered that they weren’t using SSL/TLS in their mobile apps. As a result, login credentials, personal information and payment card data could have easily been intercepted by someone on the same network. Included in the 16 named companies was easyJet, Chilltern Railways, San Diego Zoo, CN Tower and Aer Lingus. Since the release of the blog post, 5 of the 16 companies have fixed the issue with their mobile apps.
Websites using only digital certificates signed with the SHA-2 hashing algorithm may not be available to users trying to access them over the HTTPS protocol. According to Facebook and CloudFare, browser makers are considering retiring the SHA-1 function earlier than initially expected. Initially, it was recommended that SHA-1-signed certificates should not be issues after Jan. 1 2016. However, after a new way to break SHA-1 was discovered, some browsers, including Mozilla and Microsoft have considered an even earlier cut off date. If the websites that still use SHA-1 certificates don’t get new certificates signed with SHA-2 before the browsers start cutting off SHA-1, users will be unable to access those sites.
That’s all the time that we have for this week’s episode of IT Rewind, As always, read the full stories that we covered today and other tech stories by clicking on the links below as well as the featured Continuum blog post of the week. This week, our own Nate Teplow shows you how NOT to write a sales email.
Of course, you can always find us on Twitter, Instagram and Vine at FollowContinuum. We’re also on Facebook, LinkedIn, Spiceworks, YouTube and Periscope.
Take it easy.
Don't you want to find more leads?