430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

WordPress pushes Free HTTPS Encryption for all its blogs

WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort. WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Statistics by W3techs). […]

WordPress miniOrange

WordPress announces “HTTPS Everywhere, Encryption for All WordPress.com Sites,” millions websites will be secured without users’ effort.

WordPress is pushing free default SSL for all the website running the popular CMS and hosted on WordPress.com, that means over 26% of websites based on the most popular CMSs on the web will be secured (Statistics by W3techs).

On Friday, WordPress announced that it has partnered with the Let’s Encrypt project in order to offer free HTTPS support for all of its users on WordPress.com blogs.

According to the systems engineer Barry Abrahamson from WordPress’ parent company Automattic, the roll out will be transparent without impact on the users.

“Today we are excited to announce free HTTPS for all custom domains hosted on WordPress.com. This brings the security and performance of modern encryption to every blog and website we host. Best of all, the changes are automatic — you won’t need to do a thing.” Abrahamson wrote in a blog post. 

“This brings the security and performance of modern encryption to every blog and website we host.” “For you, the users, that means you’ll see secure encryption automatically deployed on every new site within minutes. We are closing the door to un-encrypted web traffic (HTTP) at every opportunity.”

FanceBox plugin WordPress 2

That is great, more security, for free and without any effort! The Internet will be a better place, users will be protected from eavesdropping. The massive introduction of Web encryption provides more than security to the users, the protocol enhancements like SPDY and HTTP/2 have reduced in a significant way the performance gap between encrypted and unencrypted web traffic.

Digital certificates will be offered by the Let’s Encrypt initiative starting from January.

“The Let’s Encrypt project gave us an efficient and automated way to provide SSL certificates for a large number of domains. We launched the first batch of certificates in January 2016 and immediately started working with Let’s Encrypt to make the process smoother for our massive and growing list of domains.” added Abrahamson.

Summarizing … WordPress.com is activating HTTPS on all its websites without requesting users intervention.

Enjoy it!

[adrotate banner=”9″]

Pierluigi Paganini 

(Security Affairs – HTTPS, hacking)