Yesterday, a CDN was hacked and malicious JS was served to a number of domains. Most websites make use of CDNs to serve up JS so as to reduce page load time. How do we protect ourselves from such attacks? I posed a similar question on Sec.SE some time back. Subresource Integrity is a new ...

If you are using piwik and desire to know exactly where your website visitors come from, this hack will allow you to display the hostname or PTR record beside the IP addresses on the piwik dashboard. The Ip2Hostname plugin logs down the visitor's hostname in an additional column but provides no ...

Sometimes, the lack of information is valuable information. The Washington Post reports that according to unnamed current and former US officials, the CIA pulled "a number of officers" from the US Embassy in Beijing as a precautionary measure following the breach — precisely because their names ...

I first came across the term cyberinsurance earlier this year while attending an information session in DC. At that point, it was suggested that there needs to be a benchmark that takes into account the cyber risks that companies are facing, for it to be feasible for insurance companies to ...

Singapore is the 2nd fastest country in the world in terms of fibre broadband speeds. However in my opinion, beyond a certain sweet spot of around 300mbps, any additional bandwidth brings about negligible benefit. 1) The server is the bottleneck. Let me use an analogy, you can widen the road in ...

Rules of engagement is a concept familiar to most military personnels worldwide. The basic premise of having rules of engagement is to ensure an appropriate level of response or reaction to a particular threat. It is sometimes also known as escalation of force. Rules of engagement for physical ...