HSTS

New .Gov Domains to Force HTTPS: HSTS Preloading Will Be Enabled Starting Sept. 1
In a move that aims to make all U.S. government websites more secure, the General Services Administration’s DotGov Program announces the migration of government domains to the HSTS preload list starting this ...
It’s all about the data
Data protection, controls and compliance don’t have to be an onerous obligation. With the right approach, you can turn it into a key differentiator for your business, says Tala’s Director of Product ...

The NSA HSTS Security Feature Mystery
I recently stumbled across an NSA Cyber Advisory titled Managing Risk from Transport Layer Security Inspection (U/OO/212028-19) after first learning about it through Jonas Lejon's blog post NSA varnar för TLS-inspektion (Swedish) ...

Why Websites Need HTTP Strict Transport Security (HSTS)
HTTPS has become the protocol of choice for any serious website, but effectively enforcing the use of HTTPS instead of HTTP requires the HTTP Strict Transport Security header, or HSTS. By sending ...
How to Add HTTP Security Headers in WordPress
If you own a WordPress site, then you should be careful about your website security. To successfully run a blog, business or online store, you need to make sure your website is ...

Orbitz Suffers Data Breach Impacting 880K Customers
Expedia-owned travel fare aggregator Orbitz.com discovered that one of its platforms was compromised last year and hackers might have accessed the payment cards details and personal information of about 880,000 customers. The ...