Google will distrust of Symantec SSL certificates — stay on the safe side!

A heated discussion between Google and Symantec regarding the validity of some SSL certificates proceeded throughout the whole last year.  13 month-long grace period was given to allow Symantec to do some internal cleanup, rebuild their infrastructure and deal with the compliance issues. But In the end, Google announced the plans to distrust all Symantec certificates issued prior to the infrastructure overhaul.

How it will work out, how this all will impact common Internet users and why April 17, 2018 can be the big day for your site? Read more — https://itsvit.com/blog/google-distrust-symantec-ssl-certificates-important/

The Security Vulnerabilities in Elasticsearch Cluster

More than a thousand NFL players and their agents realized that their personal data compromised this January. All because of several Elasticsearch security vulnerabilities. Nearly 4 thousand Elasticsearch machines deployed on AWS have been infected with JackPOS and AlinaPOS malware.

How was this even possible? Will your Elastic cluster be also hacked? Are you still sure your workflow is absolutely secured? Here are some steps to follow in order to improve the protection of ES cluster and hanging thieves out to dry! — https://itsvit.com/blog/will-elastic-cluster-hacked/

But from the get-go, all the projects that demand using the Elastic cluster, have to be protected with a third-party authentication module to prevent any potential security breach through weak ES authentication protocols.