SEARCH KEYWORD -- Exploit



  How to check whether a web page can be loaded in iframe

Sometimes you may want to load another website's page in your own website's iframe, but due to security concerns, the other website may have security configurations which prevent you from loading its pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message stating that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from another site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  Top 3 Cybersecurity Trends to Watch Out for Today

One trend in cybersecurity that never changes is that it’s getting more important with every passing year. According to statistics, the number of cyberattacks and the severity of the losses they incur are growing at an alarming rate. Every day about 24,000 malicious mobile apps get blocked, yet more pop up overnight. For a business today cybersecurity isn’t an option, it’s a necessary measure one needs to invest in heavily. And it’s essential to follow the trends and develo...

   SECURITY,CYBER SECURITY     2019-05-14 09:03:24

  Top Digital Transformation Trends To Lookout For in 2018

While Innovation was rife in 2017, it is expected that 2018 will bring the cherry on the cake. While businesses are shifting continually towards making things work with Technology in view, organizations have had to embrace the Tech wave for good. A paradigm change in the way businesses operate is the consequence of the trends in Digital Transformation. From Artificial Intelligence to Blockchain, to Machine Learning, to Data Analytics, 2017 saw the onset and the growth of numerous new Technologie...

   CUSTOM SOFTWARE SOLUTIONS,SOFTWARE DEVELOPMENT,OFFSHORE SOFTWARE DEVELOPMENT,OUTSOURCING SOFTWARE DE     2018-01-10 00:37:38

  The war with spam comment

Spam comments are annoying and notorious. They are either malicious data from hackers to exploit the loopholes of the site or advertisements posted by robots. These kinds of comments have their own features and patterns; if we are careful enough, we can find ways to block most of them, although it's not so easy. To block comments with malicious executable code such as JavaScript, we should remember one rule: never trust user input. So wherever there are user inputs, we need to check the vali...

   Spam comment,Block,Filter     2013-11-29 20:29:43

  How Can Your Data Be Stolen Online?

In 2019, according to Statista, nearly 165 million sensitive records were exposed in the US due to data breaches. Unfortunately, data theft is not going anywhere. Hackers are using increasingly sophisticated methods to steal information, but thankfully there are measures you can take to ensure your data stays safe. Here are some of the most common ways people get their data stolen online and how you can take precautions against the methods cybercriminals use. Human Error Hacking is one of the m...

   DATA SECURITY,PROTECTION KID     2021-01-27 19:46:05

  Supercolliding a PHP array

Did you know that inserting 2^16 = 65536 specially crafted values into a normal PHP array can take 30 seconds? Normally this would take only 0.01 seconds. This is the code to reproduce it: <?php echo '<pre>'; $size = pow(2, 16); // 16 is just an example, could also be 15 or 17 $startTime = microtime(true); $array = array(); for ($key = 0, $maxKey = ($size - 1) * $size; $key <= $maxKey; $key += $size) { $array[$key] = 0; } $endTime = microtime(true); echo 'Inserting...

   PHP,Array,hashtable,Slow,Colliding     2011-12-29 09:02:01

  What is encryption? Its role in the modern age

“Messages and calls are end-to-end encrypted.” If you are a WhatsApp user, you must have read this statement at the top of chats you open. Now, what does it mean? The statement signifies that all the messages or voice notes shared between users are encrypted, and no one can read or listen in on them. As almost all of us use messaging apps and emails, information security has become a major concern. Moreover, we don’t know how many digital footprints we leave on the web can be t...

   DATA SECURITY,VPN     2021-01-21 08:04:16

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  Android Security

Android is an open source mobile platform that includes an operating system, middleware and applications. Android has revolutionized the mobile world in a big way. Android, which started as an alternative to Apple’s iOS, is now slowly eating into the market share of Apple and is of primary concern to the company. Let’s have a brief introduction about Android and then look into the security concerns and vulnerabilities that need to be focused on. Android Introduction: Android was deve...

   Android security,Input validation     2013-04-16 12:19:37

  SSH Security and You - /bin/false is *not* security

Backstory While at RIT around 2004 or 2005, I discovered that a few important machines at the datacenter allowed all students, faculty, and staff to authenticate against them via ssh. Everyone's shells appear to be set to /bin/false (or some derivative) on said machines, so the only thing you'll see after you authenticate is the login banner and your connection will close. I thought to myself, "Fine, no shell for me. I wonder if port forwarding works?" ...

   Linux,Security,/bin/false,SSH     2012-02-06 07:46:29