From today, Google Chrome starts marking all non-HTTPS sites ‘Not Secure’

Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as ‘Not Secure’ in its years-long effort to make the web a more secure place for Internet users.

So if you are still running an insecure HTTP (Hyperte… Continue reading From today, Google Chrome starts marking all non-HTTPS sites ‘Not Secure’

Google Chrome Bans Chinese SSL Certificate Authorities WoSign and StartCom

As a punishment announced last October, Google will no longer trust SSL/TLS certificate authorities WoSign and its subsidiary StartCom with the launch of Chrome 61 for not maintaining the “high standards expected of CAs.”

The move came after Google wa… Continue reading Google Chrome Bans Chinese SSL Certificate Authorities WoSign and StartCom

Symantec API Flaws reportedly let attackers steal Private SSL Keys and Certificates

A security researcher has disclosed critical issues in the processes and third-party API used by Symantec certificate resellers to deliver and manage Symantec SSL certificates.

The flaw, discovered by Chris Byrne, an information security consultant an… Continue reading Symantec API Flaws reportedly let attackers steal Private SSL Keys and Certificates

Google becomes its own Root Certificate Authority

In an effort to expand its certificate authority capabilities and build the “foundation of a more secure web,” Google has finally launched its root certificate authority.

In past few years, we have seen Google taking many steps to show its strong supp… Continue reading Google becomes its own Root Certificate Authority

Google Chrome to Label Sensitive HTTP Pages as “Not Secure”

Although over three months remaining, Google has planned a New Year gift for the Internet users, who’re concerned about their privacy and security.

Starting in January of 2017, the world’s most popular web browser Chrome will begin labeling HTTP sites that transmit passwords or ask for credit card details as “Not Secure” — the first step in Google’s plan to discourage the use of sites that

Continue reading Google Chrome to Label Sensitive HTTP Pages as “Not Secure”

Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

A Chinese certificate authority (CA) appeared to be making a significant security blunder by handing out duplicate SSL certificates for a base domain if someone just has control over its any subdomain.

The certificate authority, named WoSign, issued … Continue reading Chinese Certificate Authority ‘mistakenly’ gave out SSL Certs for GitHub Domains

WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain

Do you own a custom domain or a blog under the wordpress.com domain name?
If yes, then there is good news for you.
WordPress is bringing free HTTPS to every blog and website that belongs to them in an effort to make the Web more secure.
WordPress – free, open source and the most popular a content management system (CMS) system on the Web – is being used by over a quarter of all websites across

Continue reading WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain

More than 1 Million Websites Install Free SSL Certificate (and Counting…)

Let’s Encrypt has achieved another big milestone by issuing 1 million free Transport Layer Security (TLS) SSL Certificates to webmasters who wish to secure the communications between their users and domains.

Let’s Encrypt – operated by the Internet Security Research Group (ISRG) – is an absolutely free, and open source certificate authority recognized by all major browsers, including

Continue reading More than 1 Million Websites Install Free SSL Certificate (and Counting…)