You can bypass the SSL vulnerability in OS X with a couple of temporary changes, until a software fix is made available.
Tumblr blog owners can encrypt all visits to their sites, as long as they opt in. Why didn't Yahoo just make SSL the default setting?
Long a laggard when it comes to site security, Yahoo announces that it will activate SSL for all Yahoo Mail at the beginning of next year.
Yahoo Mail now supports SSL encryption for e-mail sessions through a Web browser. Disabled by default, we'll show you how to enable SSL for enhanced security.
A beige building in an average office park leads to some of the most closely guarded secrets of the Internet.
Certificate authority DigiNotar says its system was breached and that a fraudulent certificate for Google.com found its way to the Web.
VeriSign to check customer sites for malware and add security seals to some search results.
The Pushdo botnet is trying to evade detection by using fake SSL connections to major Web sites, researcher says.
Black Hat this week means lots of security vulnerabilities in the news, including the fact that SSL is now just SL thanks to an exploit discovered by Kaminsky and friends. We also decide that you can't fix stupid. Too bad. I wish we could.
Dan Kaminsky and Moxie Marlinspike explain how flaws in the way domain names are verified on the Internet could allow attackers to impersonate a site and steal information from unsuspecting Web surfers.