Presently sponsored by: Build scalable, reliable and secure cloud native applications with Tech Fabric It's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and I just simply didn't get time to push this out until sitting at the airport waiting for the plan home. This week's update is a little different as we did it at SSW's recording setup in front of a live audience. Better video, better audio and some questions asked in the process too. Other than that, it's business as usual: more keyloggers on payment forms, more data breaches and a massive extended validation smack-down. Lastly, just as I went to publish this post, I noticed SSW had taken down the original video. I've reached out to them to get a new link, but I managed to download and publish the audio earlier on so I'm publishing that for now. References Scott published his blog post about Magecart coming for you (then right after that the NewEgg breach was announced) SRI is a super useful little browser feature (it doesn't negate the need to review the code you're running, but it's not meant to either) EV is a dead duck (seriously, read that post if you haven't already, it's just an absolutely pointless security mechanism as it stands today) Tech Fabric are sponsoring my blog this week (big thanks to those guys for their ongoing support!) Oh - and PayPal still has no EV either 3 days later, PayPal still isn't showing the EV indicator in Chrome on Windows. Could it possibly be that it's just not that important? https://t.co/tQ3eMqJIz0 pic.twitter.com/GDRnHW84fn — Troy Hunt (@troyhunt) September 21, 2018 Continue reading...
