1,394 Topics
Acronis responds to DaniWeb questions regarding a leak of customer data which, [as we exclusively reported over the weekend](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/427455/breaking-acronis-blames-technical-issue-for-customer-data-leak), resulted in some information being indexed by search engines and accessible to anyone on the Internet.  Although the leak itself was identified by Acronis on Friday 29th June, the … | |
Following on from the news earlier this month that [LinkedIn had suffered a major security breach](http://www.daniweb.com/internet-marketing/social-media-and-web-communities/news/425019/linkedin-confirms-six-million-password-hack-check-if-yours-is-one-of-them) involving the compromise of at least six million user passwords, and then dating site [eHarmony apparently falling victim to the same password hacking compromise](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/425118/dating-disaster-eharmony-confirms-passwords-exposed-by-linkedin-hacker), the latest to be hit would appear to be the … | |
Hi guys, I really don't know how to list the content of that box in AD. Can you give me some hints - I found none so far :(  Thx for your help! | |
Recently we have all become somewhat over-exposed to the leaking of customer data courtesy of inadequate security allowing hackers to gain access to databases. The [LinkedIn LeakedOut leak](http://www.daniweb.com/internet-marketing/social-media-and-communities/news/425019/linkedin-confirms-six-million-password-hack-check-if-yours-is-one-of-them) and [eHarmony dating data disaster](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/425118/dating-disaster-eharmony-confirms-passwords-exposed-by-linkedin-hacker#post1817377) are good examples of the genre. However, let's not forget that sometimes no hackers are required to … | |
At least 55,000 Twitter accounts would appear to have been compromised in a breach perpetrated by members of the Anonymous hacking collective. Details of the accounts, including usernames and passwords, appeared across a total of no less than five pages at Pastebin yesterday.  However, appearances can often be … | |
I've looked everywhere and haven't found a clear step-by-step tutorial on how to secure sessions/cookies. Here are snippets of my code; I'd like to know how I can improve on session security to prevent fixation/hijacking and cookie safety. These are snippets of code for the user login system. … | |
Hi, all, This may not be the correct place to ask this question, but I can't find another forum that seems to match my question. We have a web site which stores: user's name (which is not validated in any way, so we have lots of Donald Ducks and … | |
A password is defined as being a "secret word or string of characters" that is used to authenticate identity and enable access to a resource. The emphasis being on the word secret, although 'unique' is equally important when it comes to password security. Which is why the list of the … | |
For security reasons, several articles recommend "do not cache pages". So I usually put the following at the beginning of my web pages: `header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");` `header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");` `header("Cache-Control: post-check=0, pre-check=0", false);` `header("Pragma: no-cache");` That works very … | |
Hi all, I have the following code to process through my requests, then use in a database. FIRST of all, I was wondering if I have it in the right order, and SECOND, if there are any other steps I could do to secure up my application. Have a look, … | |
A cyber weapon grade piece of malware, some twenty times the size of Stuxnet, has apparently been fired at a number of countries in the Middle East. This highly complex piece of code which takes screenshots of any open 'programs of interest' such as email or IM, records audio and … | |
Hi, I'm a developer by trade but I've done some networking in the past (mostly buying and creating machine specifications but also a bit of firewall management and AD policies). In a previous company I was even Manager of the Systems department (Developers and IT guys). Anyway, I've recently joined … | |
I am creating a website, although during a trial run with a couple of friends they uncovered a bit of a major issue... the ability to spam. I have added a hidden box etc. to attempt to prevent bots from spamming but my friends were able to post twenty messages … | |
The Serious Organised Crime Agency (SOCA) website remains offline after being hit by a Distributed Denial of Service (DDoS) attack for the second time in the space of a year. Last June it was the hacktivist group LulzSec which claimed responsibility; this time nobody has yet come forward to admit … | |
The Flashback Trojan has infected at least 600,000 Apple computers running Mac OS X according to the Russian AV company [Dr Web](http://www.drweb.com/?lng=en) which researched the spread of the malware which was originally discovered at the end of last year and for which Apple issued a security patch just this week. … | |
If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an … | |
Hi, a question about stand-alone Java applications that do not have a background DB. In our Uni class we were asked to build a very small application using JOptionPane methods such as "showInputDialog". The application asks for the user's name and birthdate and at the end displays a summary of these … | |
Hi there, I have recently been looking into encryption, for MySQL and PHP, to figure out some way to encrypt the information in the database, or more to the point before it goes in, or decrypted when it comes out. What I'd like to happen is for the info submitted from … | |
The Apple iWork office productivity suite for the Mac has been around for ages, and was recently joined by an iOS version. iWork documents have, up until now, been seen as being pretty safe courtesy of the particular implementation of the 128-bit AES encryption Apple used to secure them. I … | |
Security researchers are warning that some 30,000 WordPress websites, 85% of them based in the US, have been compromised by a mass-injection hijack attack which sees visitors to any of more than 200,000 individual pages redirected to a Trojan infected rogue AV scam. The senior security researcher with Websense Labs, … | |
Hey everyone, Our team at Dell SMB has recently put together a [Slideshare](http://goo.gl/oJtjH) of our most popular white papers. I hope this is helpful to the Daniweb community! Thanks, Mourin | |
Probably the most common Olympic Games 2012 scam is that of unofficial ticket sales. No great surprise there, but the fact that Google appears to be in on the act might come as a shock to many. So what, exactly, is going on? A little known law in the UK … | |
The Iranian Cyber Army may be the latest elite military hacking squad to hit the headlines, but Iran has a long way to go if it's to catch up with China in terms of international data disruption. According to one newly published report into the threat from Chinese state-sponsored espionage … | |
I think my site has been hacked! I found these lines of code on all my php files and I didn't put them there. Problem is I don't know enough php to understand what this batch of code does. Could anyone please help? How bad is it? Here's the code: … | |
How can I get SSL working in Tomcat 6.x under Linux? I've read the documentation here: http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html but I'm not sure how to do it with a certificate I will make myself (it's a dev box) | |
Following the arrest of 25 suspected members of the Anonymous hacking collective in Europe and South America, the INTERPOL website went offline. Coincidence? I don't think so. After all, Anonymous has already proven it isn't scared, or indeed incapable, of taking down law enforcement sites. Earlier in the month it … | |
I am doing a diploma in networking, am in the final year, and need to do a network security project. Can someone give me an idea of what I should do for my project? Because I think I just want to do something related to routers. I … | |
I want to manually test my sites to check if they are secure against SQL injections. What's a good way to attempt it? How do I get started? Thank you | |
Hi there, can anyone tell me if it's possible with PHP to use a certificate to authenticate to a web application admin area instead of using the common username and password? And is there a VPS web server that can encrypt the whole drive and database of my application, for it may … | |
The Ainslot.L Trojan appears to be much the same as any other at first glance; logging user activity and sending Gmail and Facebook passwords to the bad guys, downloading further malware, taking over your computer and the main payload of being a Banking Trojan stealing account login data. But Ainslot.L … |