The developer of Oil and Gas International (OGI), a Texas-based website for petroleum industry news, has filed a complaint on the Mozilla bug tracker, accusing Firefox of wrongly labeling his website as insecure.
In an advisory sent to enterprises across the US, the Department of Homeland Security's US-CERT group is warning that security products which perform HTTPS interception might weaken a company's overall security.
A large chunk of the 120,000 Chromebooks deployed at Maryland's Montgomery County schools went down last week after computers using Symantec BlueCoat security software weren't able to handle TLS 1.3 connections that Google started supporting with the release of Chrome and Chrome OS 56.
The way in which Firefox caches intermediate CA certificates allows a third-party to deduce various details about website visitors and also link advertising profiles to private browsing sessions.
Experts from Sudo Security Group have discovered that at least 76 of the most popular iOS apps available through Apple's App Store have failed to properly implement TLS encryption and expose their users to silent MitM (Man-in-the-Middle) attacks.
Google announced yesterday plans to become a self-standing, certified, and independent Root Certificate Authority, meaning the company would be able to issue its own TLS/SSL certificates for securing its web traffic via HTTPS, and not rely on intermediaries, as it does now.
Mozilla's security team previewed today a new set of indicators that will be added to Firefox 51, set for launch on Monday, January 23, and subsequent Firefox versions.
Tavis Ormandy, one of Google Project Zero's most proficient security researchers, has identified two issues in the way Kaspersky security products inspect HTTPS traffic for web threats.
After announcing earlier this year plans to force all iOS app developers to deploy HTTPS starting with 2017, Apple postponed its deadline indefinetly, to give app makers more time to migrate their app and backend infrastructures.
WordPress creator and Automattic founder Matt Mullenweg announced today that upcoming versions of the WordPress CMS would include features that would require hosts to support HTTPS.
Mozilla engineers are preparing a very intrusive, but quite useful method of warning users that they're about to enter sensitive passwords and login via an insecure HTTP connection.
The number of HTTPS errors is about to go up as Google announced plans to remove support for SSL/TLS certificates signed with the SHA-1 cryptographic hash algorithm. Google plans to take this step with Chrome 56, scheduled for release at the end of January 2017.