Google began sending out notices to site owners this month who haven’t yet migrated from HTTP to HTTPS warning them that in October their sites will be marked “NOT SECURE.”

Tor cofounder Roger Dingledine sets the record straight at DEF CON on popular myths, and at the same time teases upcoming features.

Two IP cameras sold by Loftek and VStartcam are leaving over 1.3 million users open to 21 vulnerabilities that range from a lack of HTTPS encryption to bugs that open users up to cross-site request forgery attacks.

Leading certificate authority Let’s Encrypt is facing criticism that its rapid growth and eagerness to encrypt internet communications is happening at a cost.

A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review.

Phishing sites are deploying freely available TLS certificates in order to dupe victims into thinking they’re visiting a safe site.

Apple takes countermeasures to neutralize OSX/Dok HTTPS-snooping malware by revoking a hijacked certificate updating its XProtect built-in anti-malware software.

Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode

Academics argue that Netflix’s recent upgrade to HTTPS is doing little to protect its users from a passive traffic analysis attack.

Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.