Squarespace OCSP Stapling Implementation
We’re excited that Squarespace has decided to protect the millions of sites they host with HTTPS! While talking with their
team we learned they were...
Introducing Internationalized Domain Name (IDN) Support
Let’s Encrypt is pleased to introduce support for issuing certificates that contain Internationalized Domain Names (IDNs). This means that our users around the world...
DDoS’s Newest Minions: IoT Devices (Volume 1)
The latest evolution of cyber weapons is brought to you by the default passwords in Internet of Things (IoT) devices. - Read more
ISRG Legal Transparency Report, January 2016 – June 2016
The trust of our users is ISRG’s most critical asset. Transparency regarding legal requests is an important part of making sure our users can...
What It Costs to Run Let’s Encrypt
Today we’d like to explain what it costs to run Let’s Encrypt. We’re doing this because we strive to be a transparent organization, we...
Let’s Encrypt Root to be Trusted by Mozilla
The Let’s Encrypt root key (ISRG Root X1) will be trusted by default in Firefox 50, which is scheduled to ship in Q4 2016....
Full Support for IPv6
Let’s Encrypt is happy to announce full support for IPv6.
As IPv4 address space is exhausted, more and more people are deploying services that are...
Web Injection Threats: The Cost of Community Engagement on Your Site
Customer engagement drives web application design, but user-generated content brings inherent security challenges. - Read more
Defending Our Brand [Updated]
Update, June 24 2016
We have confirmed that Comodo submitted Requests for Express Abandonment for all three trademark registration applications in question. We’re happy to...
Latest article
Mistic Backdoor Blends With Microsoft Endpoint Security Tooling to Evade Detection
A new and stealthy backdoor named Mistic has been quietly targeting corporate networks since April 2026, disguising itself using the names and appearance of...
Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPs
Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In. By using resource-based policies and RCPs,...
Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
Xsolis confirmed a healthcare data breach affecting nearly 1.4 million people after a phishing attack exposed health and identity data.
The post Healthcare Vendor Xsolis...
Scattered Spider duo convicted over $38M Transport for London attack
Two members of the Scattered Spider cybercrime collective have admitted launching a cyberattack against Transport for London (TfL) that caused...
