Ideas, Tip and Tricks

SSL / TLS Security in the real world!

Best practices for SSL / TLS security for websites for maximum security and optimal compatibility. In my previous article, available here, I mentioned what SSL / TLS configuration you should implement if you can control what browsers / OSes your…

Book Review - CISSP for Dummies

Book Review – CISSP for Dummies 4th Edition

I decided in March to take the CISSP exam in April/May. As with most people, I did not want to spend 3-6 months preparing for an exam; I needed something short and concise. CISSP for Dummies despite the name fits…

Stagefright Android flaw – Easy protection!

A few days ago a big vulnerability in Stagefright was announced by Zimperium, who stated that most Android phones could be remotely hacked by a malicious MMS. Around 50% of devices just need to receive it and the rest need…

Jarvis Sit Stand Desk Review

Recently our office got a few sit stand desks which looked interesting. I had never tried one before but once I started using the desk it felt nice. As with most people working years in front of a computer I…

FREAK! Another one bites the dust! New SSL vulnerability

This new SSL / TLS attack nicknamed FREAK actually exploits deliberately weak “export ciphers” pushed by the NSA more than a decade ago. These ciphers were deliberately made weak so that the US Government could decrypt the traffic. Export cipher suites such…

Installing latest ImageMagick and Imagick on CentOS 6

Quick and easy way to install ImageMagick and Imagick on CentOS 6.6 in 5 mins or less. This article was last updated on 2/16/2015. The versions are as follows: ImageMagick 6.9.0-4 Q16 x86_64 2015-01-23, Imagick-3.2.0RC1. First I recommend you…

Troubleshooting AppScan – Bypass application logoff on close

Troubleshooting IBM AppScan Login Macros. Creating a login macro with AppScan can be extremely simple or extremely frustrating. I recently ran into an application which required that I use the Prompt login method because of secondary info which was required. AppScan was successfully recording…

Howto: Remote CMD into another Windows box

Remote CMD into another Windows system. A colleague of mine was recently running a Web Application Scanner overnight on a Windows 8 desktop. In the morning he could not log back in. There were also a couple of disconnected…

SSL/TLS Security in the perfect world!

HTTPS Security in the Perfect World! Best practices for SSL / TLS security for websites if you have control over all Client Browsers / Operating systems. Due to the current breakneck speed of vulnerabilities discovered and exploited in various…