Tag: Security
All the articles with the tag "Security".
The target="_blank" phishing attack vector
Updated: at 03:39 PMIf you use target="_blank" you need to also use rel="noopener noreferrer"
What every Browser knows about you
Updated: at 04:23 PMJavaScript allows you to find your local IP and devices on your network, which web sites you're logged in to, Facebook Clickjacking, hardware specs and more
How To Safely Hash A Password
Updated: at 07:43 PMIf you're not using bcrypt get with it or be vulnerable
An Introduction to Content Security Policy - HTML5 Rocks
Updated: at 08:26 PMMike West runs through everything you need to know about Content Security Policy
The Moonpig Bug: How 3,000,000 Customers' Details Were Exposed
Updated: at 03:59 PMSome idiot thought that instead of OAuth tokens or the like, "let's use the integer user id as proof that the user logged in ok"
Heartbleed, Shellshock and now Poodlebleed: are we safe on the web?
Updated: at 11:26 PMUse this online test to check your server then use Firefox and set security.tls.version.min to 1
CloudFlare blames today's downtime on South American backbone Internet provider Internexa
Updated: at 11:19 PMWith the heartbleed bug, shellshock, and now this BGP route leak incident, 2014 is exposing the fragility of the Internet
CloudFlare explains Shellshock: it potentially affects web servers, set-top boxes, laptops and telephones
Updated: at 07:26 PMShellshock is a simple exploit that is seriously bad; CloudFlare talks about how they patched their system so quickly
Shellshock: a severity 10/10 Bash bug that allows attackers to execute arbitrary commands on web servers
Updated: at 01:42 AMYou thought the heartbleed bug was bad? Today's Bash vulnerability is much much worse
Front End Security is a thing, and you should be concerned about it
Updated: at 03:12 PMAll web developers should be concerned with XSS, Iframe attacks, CORS and cookie exploits