Free Post Report URI Anatomy of a WooCommerce Skimmer: A Technical Deep-Dive One malicious change to a trusted JavaScript file can turn your checkout page into a silent credit-card skimmer, siphoning customer data off to criminals while the website looks secure...
Free Post Report URI Amazing Refresh — A Malicious Chrome Extension Running Malware in the Browser We recently uncovered a malicious browser extension affecting visitors to customer websites. It injected JavaScript into pages, hijacked outbound clicks through affiliate infrastructure, and quietly monetised user traffic. We spotted...
Free Post Report URI The European Space Agency got hacked, and now we own the domain used! It's not often that two of my interests align so well, but we're talking about space rockets and cyber security! Whilst Magecart and Magecart-style attacks...
Free Post Report URI Integrity Policy - Monitoring and Enforcing the use of SRI This has been a long time coming so I'm excited that we now have a working standard in the browser for monitoring and enforcing the use of SRI...
Free Post Report URI Capture JavaScript Integrity Metadata using CSP! Today we're announcing the open beta of a brand new and incredibly powerful feature on the Report URI platform, CSP Integrity! Having the ability to collect integrity metadata...
Free Post Cloudflare Workers The brand new Security Headers Cloudflare Worker For a long time it's been difficult to set security headers when you use certain hosted solutions like Ghost Pro or GitHub Pages. All of that is about...
Free Post OpenPGP Creating a PGP Contact Form After blogging about setting up PGP on Windows [https://scotthelme.co.uk/encrypted-email-is-easy/] and Android [https://scotthelme.co.uk/encrypted-email-android-phone/], it's apparent how few people really use it. In an effort to take another step towards...
Follow