Sysadmins rage over Apple’s ‘nightmarish’ SSL/TLS cert lifespan cuts plot Max validity down from 398 days to proposed 45 by 2027 Software15 Oct 2024 | 128
Loads of PostgreSQL systems are sitting on the internet without SSL encryption They probably shouldn't be connected in the first place, says database expert Research07 Oct 2022 | 20
Creator of SSLPing, a free service to check SSL certs, downs tools That freebie that saved your bacon once or twice? Perhaps it's time to drop a bit of cash on it Software12 Apr 2022 | 28
SSL keys, sFTP passwords and more exposed after someone broke into GoDaddy Managed WordPress using 'compromised password' Yikes: Up to 1.2 million customers affected Security22 Nov 2021 | 21
More Salt in their wounds: DigiCert hit as hackers wriggle through (patched) holes in buggy config tool Miscreants too busy mining for crypto to notice the gold lying around them? Security05 May 2020 | 2
It's a cert: Hundreds of big sites still unprepared for starring role in that Chrome 70's show Bloody SSL...it's the final countdown Security09 Oct 2018 | 25
TLS developers should ditch 'pseudo constant time' crypto processing Fixes for Lucky 13-type bugs could still be vulnerable Security21 Aug 2018 | 11
Cisco let an SSL cert expire in its VPN kit – and broke network provisioning brokers Well that's one way to secure systems: deny new trustpoints Networks07 Aug 2018 | 4
GCHQ's infosec crew plans to 'scale up' Web Check to improve uk.gov site security That's the National Cyber Security Centre when it's at home Security27 Mar 2018 | 8
Leading by example: UK.gov's secure server setup is patchy at best Many .gov websites 'broken, misconfigured or insecure' Security20 Mar 2018 | 19
23,000 HTTPS certs will be axed in next 24 hours after private keys leak Trustico, DigiCert come to blows as browsers prepare to snub Symantec-brand SSL Security01 Mar 2018 | 61
UK.gov law resources now untrustworthy, according to browsers justice.gov.uk website SSL certificate expires Security08 Dec 2017 | 16
Oops: LinkedIn country subdomains SSL cert just expired Updated Whew, networking is hard On-Prem30 Nov 2017 | 38
Mozilla devs discuss ditching Dutch CA, because cryptowars We don' want no STEENKIN' proxies, as will be possible under new local laws Security30 Oct 2017 | 69
Scotiabank internet whizzkids screw up their HTTPS security certs Not exactly a move designed to inspire confidence Security08 Sep 2017 | 25
ARM’s embedded TLS library fixes man-in-the-middle fiddle IoT security helper is vulnerable to attacks by malicious peers Security31 Aug 2017 | 6
123-reg resolves secure database access snafu Catches up with https everywhere memo Security28 Jun 2017 | 18
Apple finally teaches Android music app to validate certificates Cupertino's so keen on Android it took eight months to repair interception bug Security10 Apr 2017 | 3
Are you undermining your web security by checking on it with the wrong tools? Probably yes, warns US-CERT in HTTPS interception advisory Security17 Mar 2017 | 12
One IP address, multiple SSL sites? Beating the great IPv4 squeeze Forget IPv6. Names – I want NAMES! PACK. IT. IN Software01 Mar 2017 | 148
What do you give a bear that wants to fork SSL? Whatever it wants! 'BearSSL' strips crypto back to the bare metal Security09 Nov 2016 | 37
User danger declines as two thirds of Chromistas now use HTTPS With Google goggles on, Chrome security performance outshines other browsers Security07 Nov 2016 | 9
GlobalSign screw-up cancels top websites' HTTPS certificates Final update Revoked certs may linger for days, locking people out of sites SaaS13 Oct 2016 | 35
Intel's Crosswalk open source dev library has serious SSL bug You know the drill, people: patch and push Security31 Jul 2016 | 10
WordPress pushes free default SSL for hosted sites World's favourite one-stop pop-shop now harder to hack. Security11 Apr 2016 | 21
Security industry too busy improving security to do security right PCI Council delays SSL migration date to 2018, so cruddy credit crypto continues Security21 Dec 2015 | 35
No root for you! Google slams door on Symantec certs Google being 'alarmist' claims Symantec Security11 Dec 2015 | 35
Free HTTPS certs for all – Let's Encrypt opens doors to world+dog How-to And it's pretty easy to install via a command line Security03 Dec 2015 | 78
CloudFlare intros HTTP/2, so we can ‘spend holiday time with our family’ So … erm, that’s a good thing, probably SaaS03 Dec 2015 | 11
Fuming Google tears Symantec a new one over rogue SSL certs We've got just the thing for you, Symantec ... Security29 Oct 2015 | 36
Cobweb 'fesses up to failure to renew SSL certificate It was a 'technical' issue Security23 Oct 2015 | 7
O2 joins Virgin Media as member of weak crypto software club Operator promises El Reg it'll all be fixed before browsers deep-six support Security21 Oct 2015 | 12
Faked NatWest, Halifax bank sites score REAL security certs Netcraft wonders if CAs are taking verification rules seriously Security13 Oct 2015 | 46
So how do Google's super-smart security folk protect their data? You'll be surprised Security24 Sep 2015 | 31
Symantec fires staff caught up in rogue Google SSL cert snafu When your business is built on making secret numbers, don't make it look too easy Channel21 Sep 2015 | 19
John McAfee launches cert authority but it's got a POODLE problem BlackCert working on internet-of-thing security bling Security13 Aug 2015 | 12
'Logjam' crypto bug could be how the NSA cracked VPNs Updated Johns Hopkins crypto boffin spots FREAK-like protocol bug Security20 May 2015 | 45
IETF updates TLS/SSL best practice guidance Staunch HEARTBLEED, kick POODLE and make it to lunch on time Networks07 May 2015 | 20
Zuck'ed up: Facebook opens up free internet in India – but bans HTTPS Encryption not allowed through Internet.org's service Networks04 May 2015 | 32
Instagram's HTTPS cert expires, millions of crap photographers panic Hipster photo platform doesn't do much for security bods Legal30 Apr 2015 | 9
Man-in-the-Middle diddle hits 25,000 iOS apps Big banks' apps borked by silly certificate SNAFU Security28 Apr 2015 | 4
Web advertising giant (Google) to spew ads over web – using HTTPS Pledge to SSL billboards by summer Networks20 Apr 2015 | 9
Netflix's house of cards to be fortified with HTTPS appliance Crypto overheads could have cost video attic 'hundreds of millions' of dollars Networks17 Apr 2015 | 4
Mozilla piles on China's SSL cert overlord: We don't trust you either Joins Google in shunning CNNIC – the Middle Kingdom's root certificate authority SaaS02 Apr 2015 | 21
RAGING Google SLAPS naughty Chinese root cert kingpins CNNIC Certificate dodginess leads to Chrome banhammer SaaS02 Apr 2015 | 25
Met Police in egg/face blunder as shop-a-crim site's SSL cert expires Rozzers play fast and loose with concerned citizens' security Security02 Apr 2015 | 35
FREAKing hell: ALL Windows versions vulnerable to SSL snoop Relax! We've got a (server-knackering) workaround to sort things out, says Microsoft Security06 Mar 2015 | 63
FREAK show: Apple and Android SSL WIDE OPEN to snoopers OpenSSL, iOS and OS X tricked into using weak 1990s-grade encryption keys Security03 Mar 2015 | 68
EFF fears crims are getting smart to Superfish SSL flaws Certificate flaws spotted in variety of important sites Security27 Feb 2015 | 9
Bad dog! PrivDog chews HTTPS, hurls clear text Scolded puppy to learn better security Security26 Feb 2015 | 5
SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog Updated Superfish sequel: I'm looking at the man in the middle Security24 Feb 2015 | 40
Superfish: Lenovo ditches adware, but that doesn't fix SSL megavuln – researcher Here's how to zap the ad-injecting crapware Security19 Feb 2015 | 65
Sage Pay anti-POODLE upgrade REDUCED security - briefly Secure payments on Win XP (snigger) bared to world+dog, argue securo-bods Channel04 Feb 2015 | 7
Google boffins PROVE security warnings don't ... LOOK! A funny cat! Designing a UI people care about is harder than it looks Security02 Feb 2015 | 46
We chat to CloudFlare about its 'EVERYBODY GETS SSL' venture Interview Has gutsy move generated biz? SaaS24 Oct 2014 | 8
Man bites dog: HTTPS-menacing POODLE is 'hard to exploit' – unless you're on public Wi-Fi Analysis Avoid sketchy pub wireless, warn infosec bods Security16 Oct 2014 | 11
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat Poodle Four new patches for open-source crypto libraries Security15 Oct 2014 | 11
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE) So nasty no one's even whispering until patch is out Security14 Oct 2014 | 44
CloudFlare: You get SSL, and you get SSL, EVERYBODY GETS SSL! Web cache biz to hand out certificates to all free customers Security29 Sep 2014 | 2
Hackers-for-hire raided 300 banks, corporates for TWELVE YEARS Phony cracker biz looked legit Security16 Sep 2014 | 10
Salesforce: Oh no! Dyre RATs are thirsty for our customers' logins But attacks weren't the cause of server outage, we're told Security08 Sep 2014 | 2
Amazon flicks switch on CloudFront security features Perfect Forward Secrecy added to SSL suite Security21 Aug 2014 | 2