SEARCH KEYWORD -- Attack


  Useful functions to provide secure PHP application

Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities  In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...

   PHP,security,SQL Injection,XSS,AJAX     2014-10-30 04:21:59

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  Techies: Let's Not Forget Brain Hacking

A close-up of a jellyfish Description automatically generated with low confidence Credit: SergeyNivens via Canva The world of cyber security never fails to surprise us with bolder and more sophisticated cyber-attacks and...

   HACKING     2022-02-03 21:43:11

  Arrays.equals() vs MessageDigest.isEqual()

Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29

  Twitter service down incidents summary

This Thursday, Twitter encountered a global service down incident. This is the second service down incident since last month. Later Twitter updated its website and stated that users might not be able to access Twitter temporarily.Twitter admitted the service down incident and explained that this time's service down was caused by problems of their both data centers.Ok, now lets summarize the service down incidents encountered by Twitter in past few years.in May 2008, Twitter's new engineer team w...

   Twitter,Service down,History     2012-07-28 12:36:39

  Linux Kernel is replacing HTTP link with HTTPS

Linux kernel is in the process of replacing the HTTP links in its source code with HTTPS links. HTTPS is considered more secure than HTTP and can prevent lots of attacks like Man-In-The-Middle attack.  Currently there are more than 150 patches submitted by Linux Kernel developers to replace these HTTP links.  One thing to be noted is this replacement process is not a manual search and replace process. Indeed, some scripts are created to find out these links and try to find whethe...

   LINUX KERNEL,HTTP,HTTPS     2020-08-08 01:35:20

  SameSite attribute in cookie

Starting from Chrome 51, a new attribute SameSite has been introduced for browser cookie. This attribute is to prevent CSRF attack. Cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge a HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logins to a bank website your-bank.com, the bank server responds a cookie: Set-Cookie:id=a3fWa; L...

   JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF     2019-09-14 04:57:51

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  How Cybersecurity Preparedness Can Minimize Downtime During Cyber-Attacks

According to statistics, the average cost of a data breach reached $4.88 million in 2024, marking the highest recorded average to date. Moreover, 68 percent of data breaches in 2024 involved a human element. Cyber-attacks are no longer rare events—they’re an everyday risk for businesses. When a business isn’t prepared, even a minor attack can lead to costly downtime, disrupt operations, and harm its reputation. The good news is that businesses can reduce these impacts with pro...

   CYBER SECURITY ,CYBER ATTACK     2024-11-14 02:38:42

  Google plans to deprecate FTP URL support in Chrome

Currently people can access FTP list and download resources hosted on FTP servers in Chrome through FTP URLs, but this may not work anymore in the near future. In a post published by Chrome engineers, there is a plan to deprecate FTP support in Chrome version 82. The major motivation for this deprecation is that Chrome doesn't have an encrypted FTP connection support(FTPs), this raises security risk of downloading resources over FTP. Since users can access FTP URLs and download resources, there...

   CHROME 82,CHROME,FTP     2019-08-16 21:35:02

RECENT