More and more, we hear talks about hackers entering personal accounts on systems such as Facebook, Twitter, Instagram and many others. There are many reasons why someone's account will be hacked. One of them is the lack of imagination for their password. Plus, some people use the same password for all of their accounts.
So, if you do it right, you will end up with many passwords. On my end, I have one password per account and that means about 400 passwords... That's totally unmanageable in a fairly standard human brain. For this reason, you end up writing down all your passwords on ...
In the last few days, we started hearing about a massive bug in the implementation of the VM memory handling.
Intel has been frantically working on fixing host machines kernels in order to prevent one VM from accessing the memory of other VMs that run on the same machine.
Of course, most users are not going to attempt to read someone else memory so in that sense, most of us are relatively safe. But all of those who are not so lucky and have uninvited guests on their systems are running at very high risk. The information available from Intel says the memory is accessible only in Read mode. ...
A few days ago the news that SSLv3 was no good came out. The protocol allows for patterns that can be used by a hacker to decipher an encrypted message without the need for the private key. In other words, encryption using SSLv3 is no good (anymore--it never was, but we know this only now.)
We fixed our Apache2 settings, for those interested, you just have to turn off SSLv3 with the following setting:
SSLProtocol all -SSLv2 -SSLv3
Although to really remove all the encryption methods that are not that secure (can easily be cracked) you also want to change the list of ciphers with:
...
Interestingly enough, today I received a Security Advisory from Drupal saying that users received an email from a hacker asking them to install a Trojan module on their Drupal system.
I find it quite interesting since, if Drupal wasn't secure, the hackers would not have to ask you to make it unsecure, would they?
However, this shows how many CMS systems introduce a security issue problem to your web server installation since it is required to let your web server execute any one PHP file...
All the files installed on your web server and that are directly accessible from the outside (i.e. ...
Made to Order Software offers advanced websites and many of our customers choose to make use of the Newsletter package with their website. It has extraordinary advantages such as adding content to your website at the same time as you are sending emails to your subscribers.
We also offer hidden mailing capabilities such as auto-responders and list management.
All subscribers of any one of the lists hosted by Made to Order Software Corp. can always unsubscribe by following the unsubscribe link at the bottom ...
The FileAttributes tag is new to version 8. It must be present in all movies version 8 and over. It must be the very first tag in the SWF movie. It should be unique (other instances will be ignored.)
The f_has_metadata flag shall be set to 1 whenever the movie includes a Metadata tag.
The f_allow_abc flag shall be set to 1 to give the player the right to execute DoABC scripts (this is a version 9 flag, in version 8, keep it set to 0.)
The f_suppress_cross_domain_caching must have some effect over the caching of some things... (version 9+)
The f_swf_relative_urls means that URLs specified ...
This is a quite interesting article which I thought I should share and keep a copy of!
Most of us, even if we can determine whether a piece of software (or hardware!) can be hacked, we just do not have the time to spend on testing each device we use to ensure that no hackers will be able to get it. We rely on the manufacturer to do that work for us.
This article shows that even though all manufacturers have protections, all are vulnerable! And that means your data is vulnerable on your cell phones... Hope this does not scare you too much!
Note by the way that those people who have plenty of ...
As of now, our servers are running Drupal 6.9.
As stated on the Drupal website, this is a security update. Some issues could have given a hacker access to our database system. Although the risk was low, we decided to upgrade immediately.
The other problems that Drupal 6.9 resolves, were not issues on our servers.
If you have an questions or concerns, please, feel free to contact us.
Links:
Don't forget! With 136 modules available, chances are, we've got what you need!
Let us know if there ...
I already mentioned the American Government as being a target of many hackers.
You may also remember that in 1998, the Department of Defense was hacked by someone named Ehud Tenenbau. He was arrested at the time. He was still a teenager then.
Once back on the streets, he decided to wear a white hat and helped companies, many in Israel, to enhance their defenses. But that was only his day time job!
I guess that once you had a taste for a bad behavior, you just go on with it.
There are three excellent reasons to switch to a Reverse Proxy Server right away:
Figure 1 below presents a simplified setup of a Reverse Proxy Server.