Majority of the world’s top million websites use HTTPS

The adoption of the protocol’s secure variant has continued its growth spurt in recent months, crossing the 50-percent milestone for the first time ever. More than one-half (51.8 percent) of the one million most visited websites worldwide now actively redirect to HTTPS, the secure version of the HTTP protocol over which data between a device … More Majority of the world’s top million websites use HTTPS

All HTTP websites to soon be marked as “not secure” by Google Chrome

If you’re still running a website that is still using insecure HTTP then it’s time to wake up and drink the coffee. Because unless you take action soon, you’re going to find many of your visitors are going to distrust your website. The reason? Google is pushing ahead with its plan for the Chrome browser … More All HTTP websites to soon be marked as “not secure” by Google Chrome

Homograph attacks: Don’t believe everything you see

Just as attackers are finding new, increasingly sophisticated ways to try and evade the detection techniques used by antiviruses, they are also improving their methods designed to trick the user or at least evade the main techniques that tend to be taught in standard IT security training. Despite this, we can always take another step forward to strengthen … More Homograph attacks: Don’t believe everything you see

Google to draw attention to insecure HTTP websites

Google is looking to deliver even greater transparency when it comes to online security by identifying publicly – or “marking”, as it puts it – websites that are not as secure as they should be. In a blog, Emily Schechter, a product manager within the tech giant’s Chrome security team, revealed that as of 2017, its browser … More Google to draw attention to insecure HTTP websites

One-third of HTTPS websites left vulnerable to DROWN attack

A new vulnerability could leave as many as one-third of HTTPS websites open to decryption, meaning that sensitive data including usernames, passwords and credit card numbers could be at risk. The vulnerability has been dubbed DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) and affects servers using an SSLv2 certificate. The website for DROWN states that as many as 33% of sites … More One-third of HTTPS websites left vulnerable to DROWN attack