HTTPS

Pierluigi Paganini July 22, 2019
Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate. The Kazakhstan […]

Pierluigi Paganini April 03, 2019
Crooks use hidden directories of compromised HTTPS sites to deliver malware

Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS sites running WordPress and Joomla websites to store and serve malicious payloads. Hacked websites were used for several malicious purposes, experts observed compromised WordPress and […]

Pierluigi Paganini May 19, 2018
Chrome evolves security indicators by marking with a red warning for HTTP content

Starting with Chrome 70, Google will mark with a red warning for HTTP content, Big G is continuing its effort to make the web more secure. Since January 2017, Chrome indicates connection security with an icon in the address bar labeling HTTP connections to sites as non-secure, while since May 2017 Google is marking newly registered sites that […]

Pierluigi Paganini March 06, 2018
Facebook improves link security infrastructure by implementing HSTS Preloading

Facebook has implemented HSTS preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook has upgraded its link security infrastructure to include HTTP Strict Transport Security (HSTS) preloading that instructs a browser to always use SSL/TLS to communicate with eligible websites. Facebook and Instagram links will automatically update from HTTP […]

Pierluigi Paganini September 17, 2017
Chrome will label Resources delivered via FTP as “Not Secure”

Google continues the ongoing effort to communicate the transport security status of a given page labeling resources delivered via FTP as “Not secure” in Chrome, Last week, Google announced that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” The security improvement will be implemented starting with […]

Pierluigi Paganini September 09, 2016
Chrome will mark HTTP connections to websites as non-secure from January 2017

From January 2017, Chrome will indicate connection security with an icon in the address bar labeling HTTP connections to sites as non-secure. Google continues its effort to make the web a better place by pushing the adoption of encryption, we left the IT giant in May when it announced the decision to switch on default HTTPS […]

Pierluigi Paganini May 04, 2016
Google is bringing HTTPS to all blogspot domain blogs

Google decided to switch on default HTTPS for its free domain service provider Blogspot, the migration will be easy and transparent for the users. After WordPress also Google decided to switch on default HTTPS for its free domain service provider Blogspot. The measure will impact millions of users of the popular platform. Since September 2015 Google had introduced […]

Pierluigi Paganini April 11, 2016
WordPress pushes Free HTTPS Encryption for all its blogs

WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort. WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Statistics by W3techs). […]

Pierluigi Paganini March 02, 2016
33 percent of all HTTPS websites open to DROWN attack

Security experts presented the DROWN attack that exploits a new critical security vulnerability affecting the OpenSSL. Security experts have discovered a new critical security vulnerability affecting the OpenSSL, it has been estimated that more than 11 Million websites and e-mail services are open to cyber attacks. The new attack, dubbed DROWN (stands for Decrypting RSA with […]

Pierluigi Paganini November 26, 2015
IoT devices are re-using cryptographic keys, leaving in danger millions of devices

Researchers from SEC consult analyzed more than 4000 firmware’s embedded devices, where is included devices belonging to 70 vendors. The findings are astonishing! Researchers from SEC consult analyzed more than 4000 firmware’s embedded devices, where is included devices belonging to 70 vendors. The categories of devices analyzed include Internet gateways, routers, modems, IP cameras, VoIP […]