News

All the latest from SSLGURU LLC
4 Oct 2019

In 2019 275 million personal records were exposed from an unsecured MongoDB database hosted on an Amazon AWS infrastructure. This exposed things like names, email addresses, genders, dates of birth, phone numbers, and more. Also, 198 million records of potential car buyers, 188 million records from Pipl.com and LexisNexis, and 134 million records ...


More »

16 Jul 2018

Starting in July, Google Chrome will mark all HTTP sites as “not secure,” according to a blog post published today by Chrome security product manager Emily Schechter. Chrome currently displays a neutral information icon, but starting with version 68, the browser will warn users with an extra notification in the address bar. Chrome currently ...


More »

10 Jul 2018

A reader reported receiving a message in Google Search Console about a self-signed SSL certificate. Google has been sending warnings about this for years. A self-signed SSL certificate is one that is issued by a server and not by a certificate authority (Comodo, Digicert, etc.). Self-signed SSL certificates will also cause browsers to issue a ...


More »

8 Sep 2017

Equifax had weeks to prepare for its breach notification, so its decision to do so via a basic Wordpress site (oh, err) using a free shared CloudFlare SSL cert is somewhat puzzling. “For some reason Equifax used the 6 weeks to set up a new domain asking for SSN numbers, with anonymous Whois on Cloudflare,” said security consultant Kevin ...


More »

30 May 2017

Everything started in 2014 when Google announced about using SSL as a ranking signal in Google Search Algorithm. Next step made by the the giant was to flag unencrypted websites as insecure in Chrome browser, displaying a red “X” over a padlock in the URL bar. Mozilla Firefox also took steps to fully encrypte and make the Internet a safer ...


More »

16 Feb 2017

In case you were wondering how to view SSL certificates with the new Google Chrome update. Here is a step by step guide to ensure the websites you are visiting are protected against cyber crime... You can read the rest HERE.

14 Feb 2017

Symantec's cyber security team's assistance in uncovering a prolific cyber-gangs network has lead to the arrest of three criminals responsible for $35 million stolen from victims. Full story HERE.

9 Feb 2017

“Ticketbleed” (so named for a similarity to the notorious 2014 Heartbleed) is specific to F5's Big-IP appliances and can strike when virtual servers running on those boxes are configured with a Client SSL profile that has the non-default Session Tickets option.... Read more HERE

31 Jan 2017

Google has launched its own root Certificate Authority (CA), which will allow the company to issue digital certificates for its own products and not have to depend on third-party CAs in its quest to implement HTTPS across everything Google. Read the full article HERE.

18 Jan 2017

Looking back on 2016, we find that we have made great progress in the realm of internet security. Finally, the use of HTTPS has surpassed the use of HTTP, we saw the end of public-trusted SHA-1 SSL/TLS certificates, and it was revealed that more transparency should be considered in regard to a number of certification authorities. Fortunately, we ...


More »