Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- vulnerability

  Top 3 Cybersecurity Trends to Watch Out for Today

One trend in cybersecurity that never changes is that it’s getting more important with every passing year. According to statistics, the number of cyberattacks and severity of the losses they incur are growing at an alarming rate. Every day about 24,000 of malicious mobile apps get blocked yet more pop up overnight. For a business today cybersecurity isn’t an option, it’s a necessary measure one needs to invest in heavily. And it’s essential to follow the trends and develo...

   SECURITY,CYBER SECURITY     2019-05-14 09:03:24

  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...

   XSS,PHP,Security,Code,JavaScript     2012-08-27 20:32:08

  Comex, the Hacker Behind JailbreakMe.com, Hired as Apple Intern

Comex, the hacker behind JailbreakMe.com, is joining Apple as an intern. JailbreakMe.com made it extremely easy for iOS users to jailbreak their devices simply by visiting a website. He announced the hiring on Twitter: It's been really, really fun, but it's also been a while and I've been getting bored. So, the week after next I will be starting an internship with Apple. Forbes unmasked Comex as Nicholas Allegra, a 19-year old Brown University student from Chappaqua, NY, by Forbes. In that arti...

   Apple,Comex,Jailbrealme,Intern,Leak,Hack     2011-08-26 02:35:57

  Beauty of code : How to write graceful PHP code

Writing good code is an art. In order to achieve this, it is necessary to develop good programming habits at the beginning. Good programming habits not only contributes to the early project design (modular),but also allows you to the code easier to understand, so that the maintenance of the code is easier. Bad programming habits will result in more code bugs, and will make future maintenance work difficult. We introduce some good programming habits taking PHP as example. Hope this will help you....

   PHP,Good code     2012-08-26 12:23:03

  Why should we drop or reduce use of MD5?

MD5 is a frequently used one-way hash algorithm, it is commonly used in following situations: Check data integrity. We take hash of the data stored in two different places and compare them. If the hash results are the same, then there is no need to check the actual data. This utilizes the collision-resistant feature. Two different data block will have little chance that their hash values will be the same. Many data service providers use such technique to check repeated data to avoild repeating...

   MD5,Vulnerability,attack     2012-09-29 04:47:49

  How to check whether a web page can be loaded in iframe

Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  Top 10 Best Free PHP Frameworks of 2015

Like it or not, PHP is still, the most celebrated as well as an influential platform which is widely admired for its brilliant HTML, database integration support, intuitive features, and simple in learning too. Using diverse PHP frameworks, developers can create robust, effective, well- defined and stable web application with an ease and therefore, saving towards development cost is possible.   In essence, these frameworks facilitate scalability and enduring maintenance by obeying developm...

   PHP FRAMWORKS,CAKEPHP,LARAVEL,CODEIGNITER,ZEND ,PHALCONPHP,YII ,FUELPHP,SYMFONY,PHPIXIE,SLIM     2015-10-02 04:56:03

  Transparency in Cloud Services

37signals recently launched public “Uptime Reports” for their applications (announcement). The reaction on Hacker News was rather tepid, but I think it’s a positive development, and I applaud 37signals for stepping forward. Reliability of cloud applications is a real concern, and there’s not nearly enough hard data out there. Not all products are equally reliable; even within 37signals, the new reports show a 3:1 variation in downtime across apps. That said, ...

   Cloud,Transapency,37signals,Announcement     2012-01-10 07:24:02

RECENT