Security News

The U.S. Department of Homeland Security (DHS) has issued a binding operational directive requiring all federal agencies to start using web and email security technologies such as HTTPS, DMARC and...

In its sustained quest to bring encryption to all existing Web sites, Google has announced that it will start enforcing HTTPS for the 45 Top-Level Domains it operates. How will it do that? You may...

read more

On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered in April 2014. Unlike...

Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.

Google began sending out notices to site owners this month who haven't yet migrated from HTTP to HTTPS warning them that in October their sites will be marked "NOT SECURE."

Certificate Transparency and OCSP Must-Staple can't get here fast enough.

For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive information into it. Most users...

In what appears to be yet another effort to encourage site owners to adopt HTTPS, Google is marking newly registered sites that serve login pages or password input fields over HTTP as unsafe,...

Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they're visiting a safe site.