Security News

On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered in April 2014. Unlike...

Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.

Google began sending out notices to site owners this month who haven't yet migrated from HTTP to HTTPS warning them that in October their sites will be marked "NOT SECURE."

Certificate Transparency and OCSP Must-Staple can't get here fast enough.

For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive information into it. Most users...

In what appears to be yet another effort to encourage site owners to adopt HTTPS, Google is marking newly registered sites that serve login pages or password input fields over HTTP as unsafe,...

Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they're visiting a safe site.

When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push more website owners...