HTTPS

GDS boosts government security with HTTPS/HSTS and DMARC

GDS boosts government security with HTTPS/HSTS and DMARC

By

The Cabinet Office's Government Digital Service has mandated that all UK government agencies should be using HTTPS and DMARC to increase their online defences.

Cloudflare looks to TLS 1.3 to secure internet

Cloudflare looks to TLS 1.3 to secure internet

By

Amongst various security features, cloud-provider Cloudflare looks to TLS 1.3 to secure internet.

Google to start encryption shaming

Google to start encryption shaming

By

Google will start shaming websites for not encrypting connections between the user and the site itself by telling users exactly when they are visiting HTTP sites

2 Minutes On: DROWNing in SSL2 connection requests - the web's latest large-scale vulnerability

2 Minutes On: DROWNing in SSL2 connection requests - the web's latest large-scale vulnerability

By

One of the latest large scale web vulnerabilities, dubbed DROWN (Decrypting RSA with Obsolete and Weakened Encryption), again targets SSL.

WordPress sets up default HTTPS encryption for custom domains

WordPress sets up default HTTPS encryption for custom domains

By

WordPress has turned on HTTPS encryption for every custom domain hosted on WordPress.com. The publishing platform started working with the certificate authority Let's Encrypt to launch a beta rollout of HTTPS earlier this year.

Researchers manage to derive user info from HTTPS

Researchers manage to derive user info from HTTPS

By

Researchers have demonstrated how encrypted comms traffic can be used to extract data on users' operating systems, browsers and applications.

Mathletics coding error provokes security upgrades

By

A coding error that transmits children's login details has been discovered in the mathematics e-leaning platform, Mathletics

Encryption increasingly used to hide attacks, says new report

Encryption increasingly used to hide attacks, says new report

By

Dell's new threat report adds further evidence to support the observation that attackers are increasingly hiding activity within HTTPS.

Nine percent of HTTPS hosts on the web "share the same private keys"

Nine percent of HTTPS hosts on the web "share the same private keys"

By

Stefan Viehböck, senior security consultant at SEC Consult, examined 4000 devices from 70 vendors and found widespread reuse of private keys.

Free automated open encryption certification launches in September

By

Describing itself as the first free and automated certificate authority, Let's Encrypt, launches on 14 September.

Google to encrypt most ads from June

By

Google has announced that it plans to encrypt most ads placed on the search engine from this summer, in a big to combat growing malvertising attacks.

'Freak' SSL flaw affects mobile browsers, thousands of websites

'Freak' SSL flaw affects mobile browsers, thousands of websites

By

Security researchers have discovered the latest SSL/TLS vulnerability, which leaves around 12 percent of all websites open to MiTM attacks and potential data loss.

Son of Superfish, Lenovo bloatware variants start to surface

Son of Superfish, Lenovo bloatware variants start to surface

There are as many as a dozen variants of the Superfish bloatware found last week on Lenovo laptops, it has been discovered.

Prime minister wrong on encryption say experts

Prime minister wrong on encryption say experts

By

Prime minister David Cameron's perceived criticism of encryption technologies has prompted a staunch defence from the information security community.

'Let's Encrypt' aims to drive adoption of HTTPS

'Let's Encrypt' aims to drive adoption of HTTPS

By

Some of the world's biggest security companies are working together to develop 'Let's Encrypt' - a new certificate authority (CA) offering free and automatically renewable HTTPS web encryption.

Rogue Tor exit node injects malware into downloaded binaries

Rogue Tor exit node injects malware into downloaded binaries

By

A security researcher has discovered a 'bad' Russia-based Tor exit node which was being used to inject malware into downloaded binary files.

Website encryption boosted by Google promotion of HTTPS

Website encryption boosted by Google promotion of HTTPS

By

The latest change in Google's search engine optimisation (SEO) algorithm looks set to boost the uptake of encryption for websites by rating sites using HTTPS higher than those with HTTP.

Internet of Things - Top Ten concerns

Internet of Things - Top Ten concerns

Mark O'Neill suggests that his top ten potential vulnerabilities of the Internet of Things (IoT), need to be considered now, before mass deployment.

HTTPS: not as secure as previously thought?

HTTPS: not as secure as previously thought?

By

Tapping Gaussian functions to analyse which HTTPS pages are being accessed exposes website usage.

Google announces deployment of 2048-bit SSL certificates

Google announces deployment of 2048-bit SSL certificates

By

Google has announced that it is to strengthen its SSL certificates, implementing 2048-bit certificates.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US