As of July 24, websites that aren't encrypted will stand out for Chrome browser users with a "Not Secure" label in the address bar. The good news is that use of the unsecured HTTP protocol has diminished by more than 20 percentage points, according to Google, since it announced its intention to call out vulnerable sites more than two years ago.
In its blog post announcing the change, Google restated its desire to see the Web as an environment of 100% encrypted communications. Users of the latest version of Chrome (68) will see a new “not secure” notification when visiting HTTP pages. For the October release of Chrome (70), the company intends to call out unencrypted sites in bright red letters
Google also pointed out that it offers encryption at no additional cost for website owners through Let's Encrypt, a free and open certificate authority.
Read here, here, and here for more.
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.