administration and orchestration Archives - Page 8 of 12

Anna E Kobylinska 2016-03-07 Leave a Comment

Still using Kerberos Authentication? Now You Have a Reason to Stop: It Does NOT Keep Your Business Safe

Kerberos, an ancient network authentication protocol from the 1980s that is commonly used to this day, can get you into some serious trouble.

The Kerberos setup used by your organization may not be all it’s cracked up to be.

[Read more…]

Anna E Kobylinska 2016-03-02 Leave a Comment

How to Set Up Anti-Spam Filters Using Regular Expressions the Smart Way

In order to fish our spammer’s emails and other identifying information, you can use your mail clients’ log files and/or junk email. Here is how to get started.

[Read more…]

Filipe Martins 2016-03-01 Leave a Comment

DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!

A recently discovered security vulnerability in OpenSSL allows a long-deprecated protocol, SSL v2 (Secure Sockets Layer) to be misused in attacks at modern websites. The new attack has been, perhaps fittingly, dubbed DROWN, an acronym for Decrypting RSA with Obsolete and Weakened eNcryption. Cyber security analysts believe it might shut down–or shall we say drown, more than one third of all HTTPS servers. Is yours one of them?

[Read more…]

Filipe Martins 2016-02-22 Leave a Comment

Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks

[Updated 2019-03-17] Are you wondering why some JavaScript code from external domains simply won’t execute on your website? The reason could be as simple as an overly restrictive Content Security Policy (CSP for short). This article explains how you can create a Content Security Policy that’s both protective and functional. It will help you to secure your web server from some types of cross-site request forgery (XSRF/CSRF/XFS), clickjacking and other code injection attacks.

[Read more…]