1,400 Topics
 | |
| | using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Windows.Forms; namespace DBCsharp { class authentiction { public static int logged_user_id=0; public static bool CanAddUser = false; public static bool CanDeleteUser = false; public static TaregData db = new TaregData(); public static bool log_user(string username,string password) { var user = (from … |
| | G'day guys, My name is Cohen, I used to be an active member here under an old username. I have been out of the game for a while in regards to malware programs to run. I recently got hit with an annoying virus, the securityhelper.dll virus. I have googled it …  |
 | Spring has been getting rather unseasonably hot for Apache users as far as security flaws go. First there was news of how the FREAK (Factoring Attack on RSA-EXPORT Keys) vulnerability could impact Apache. For more on FREAK see this [excellent analysis](http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html) by Matthew Green, a cryptographer and research professor at … |
| | Addressing last weeks Securi-Tay conference hosted by the Abertay Ethical Hacking Society in Scotland, Stephen Tomkinson from the NCC Group detailed how Blu-ray players can do more than play videos; they can open up a new attack surface for the hacker. Tomkinson demonstrated a new tool that had been released … |
| | Hi, I'm trying to authenticate users with the use of Client SSL. I have installed the SSL on my Windows 8 PC and navigating to my website using IE and FireFox are fine. However when I navigate to same website Chrome asks to confirm the Certificate and after clicking ok … |
| | Although the term 'reflection DoS' is nothing new, I recall reading something about it three years ago when a high profile security researcher [used it to describe](http://www.understandingcomputers.ca/articles/grc/drdos_copy.html) how malicious SYN packets were being reflected off bystanding TCP servers and the SYN/ACK responses used to flood his bandwidth. More recently, Garrett … |
 | I am working on trying to secure some coldfusion servers. I've seen the lockdown guides all over the net. But those guides are for new installs. Is there a way to lockdown coldfusion after the install? |
| | Chinese computer manufacturer [Lenovo has admitted](http://support.lenovo.com/us/en/product_security/superfish) that it installed an adware component called Superfish on 16 million PCs shipped between September 2014 and February 2015 in order to "help customers potentially discover interesting products while shopping" according to an official statement made by the company. Although there is some argument …  |
| | The hacker collective known as Anonymous first declared war on Islamic State (formerly known as ISIS) supporters back in the Summer of 2014 with [Operation NO2ISIS](http://www.forbes.com/sites/jasperhamill/2014/06/27/anonymous-hacktivists-prepare-for-strike-against-isis-supporters/) which promised to target the online infrastructure of those countries sponsoring Islamic State militants. This declaration followed the hacking of an Anonymous Twitter account, …  |
| | Cancer is a terrible disease which it has claimed the life of a well known technology journalist and a well known coder within the last couple of weeks. Now Facebook has been diagnosed as being in the final stages of that online cancer which is a disregard for user privacy, … |
| | "Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to … |
| | Teens just love using social networks for everything from [URL="http://www.daniweb.com/news/story220006.html"]posting naked photos online[/URL] to [URL="http://www.daniweb.com/news/story218938.html"]wasting time during class at school[/URL]. We also know that [URL="http://www.daniweb.com/news/story219438.html"]parents have little idea what teens get up to online[/URL] but, it would appear, the teen online love affair has not gone unnoticed by young hackers … |
 | With just about everybody snooping around your emails today with the excuse of hunting the bad guys, coding to keep some resemblance of privacy is getting important. I will start out with some simple encryption examples to get this started. You are invited to give us your thoughts and codes. …  |
| | 2014 was not a good year for Microsoft, with the Xbox Live network being disrupted at both ends of December by [Lizard Squad DDoS attacks](https://www.daniweb.com/software-development/game-development/news/488412/lizard-squad-claims-responsibility-for-taking-down-xbox-live-today) and then as the year was finally coming to an end a different hacking collective dropped another bomb onto Xbox. A posting on Twitter simply … |
| | According to the [Daily Mirror](http://www.mirror.co.uk/news/technology-science/technology/charlie-hebdo-isis-flag-death-4946579), a number of official websites connected to French municipalities were hacked at the end of last week to coincide with the Charlie Hebdo massacre and the hostage taking at the Jewish supermarket. The newspaper reported that the home screens of websites belonging to the towns … |
| | It's the festive season but would you really expect Lady Gaga to give you a free iPad 2? That was the exact message being broadcast from Lady Gaga's Twitter account earlier, promising each and every one of her 17 million followers an iPad 2 and all they had to do … |
 | # Security for Wordpress and Codeigniter # I want to integrate wordpress and codeigniter and I am confuse about security.My admin panel will be in codeigniter and frontend in wordpress.what type of security is there.  |
| | Hello fellow coders, I'm Martin and right now i own a Minecraft hosting provider, but i am not that good with Linux CentOS 6.5 Minimal's security... So I'm asking for help with security on Linux CentOS 6.5 Minimal, right now the only think on it, is Minecraft servers. I can't … |
| | Oh the irony. In what is starting to read very much like the script to a Hollywood movie itself, the latest twist to the Sony Pictures hacking plot took an unexpected turn yesterday. It would appear that at one stage yesterday access to the web across pretty much all of … |
| | An increasing number of my acquaintances seem to be in the habit of buying cheap Android smartphones when in China on business and, increasingly, from online auction sites. More often than not these will be clones of flagship models but without the flagship price tag; however, cheap is not always …  |
| | Google has been quick to blacklist domains implicated, most often unwittingly, in the distribution of what has become known as the SoakSoak malware campaign courtesy of soaksoak.ru being the first domain in the redirection path it used. With 11,000 domains blocked over the weekend, you might be forgiven for thinking … |
 | I may be getting paranoid (at least my wife thinks so), but every time I hear/read about the internet of things, all that is said is how wonderful it will be to have everything interconnected and accessible from anywhere you happen to be. However, after all the revelations about the … |
| | A group describing itself as "DDoS kings" who "just want to watch the world burn" has claimed responsibility for taking the Microsoft Xbox Live network down for an hour or two earlier today. The [Lizard Squad](https://twitter.com/LizardPatrol), posting from a Twitter account called LizardPatrol, published a message warning that "Microsoft will … |
| | The annual 'Black Friday' discounted shopping storm is no longer just an American event; it's hit the UK like a hurricane today. Last night police were called to four different supermarkets with heavily discounted televisions after large crowds started to gather for the midnight opening. At one Asda store (a … |
| | Ever wondered why the bad guys continue throwing malware in your direction? The obvious answer is the correct one: because they make money from doing it. On Thanksgiving Day, as all others across the year it would seem, they can be thankful for the high profit to be raked in … |
| | Think that macro viruses written in VBA (Visual Basic for Applications) are just something that people using the Internet a couple of decades ago had to worry about? Think again. Word macro attacks never went away, they just went into decline. New evidence suggests they could be making something of … |
| | You might be forgiven for thinking that the iPhone is the most secure of the smartphone choices, especially if you've opted for a 5S or above with that fingerprint reader for secure ID and iOS 8 as the most robust of operating systems. Forgiven, but wrong; despite the claims from … |
| | You may be wondering what a superfecta actually is, and the answer is: the most dangerous and serious threat to business. To clarify, the superfecta as defined by secure cloud hosting outfit FireHost is a group of four attack vectors that comprises of Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), … |
 | Hello Anyone, I am new with PHP, I have nearly no experience. I need to update PHP though. I have no idea how to. I have PHP version 5.2.0 and need to update to a newer version. The web server it's used for is also using MySQL and IIS. If …  |
| | According to research commissioned by security vendor [Bit9 + Carbon Black](https://www.bit9.com/solutions/carbon-black/), nearly half (49%) of the organisations questioned admitted they simply didn't know if their businesses had been compromised or not. This uncertainty regarding cyber-attack detection ability comes in stark contrast to the 32% who confirmed they had been attacked …  |
| | American technology companies are by implication evil, and aiding terrorist groups such as Islamic State/ISIS according to a number of highly influential but terribly ill-informed Western players. Apple and Google have become the command and control networks of choice for terrorists and implementing full-device encryption by default will help Islamic … |
| | So, today is '[World Paper Free Day](http://www.aiim.org/events/paper-free-day)' apparently and I'm not sure whether it's appropriate to buy a card in the circumstances. Joking aside, what I am sure of is that such Hallmark days do provide an opportunity for press releases to be thrown in my general direction. And so … |
 | Hi, Malware Bytes has stopped scanning. I had bought the full professional, and it stopped scanning files on request (from the pop-up menu when you right-click on files). I then realised it wouldn't update, and reinstalls have failed. The other virus software I use is simply Windows Defender. I'm running … |
 | Is the check: if (!isset($_SERVER['HTTPS']) OR empty($_SERVER['HTTPS'])) { // We are NOT using SSL } a fool-proof way of checking if we are NOT using SSL with PHP/Apache? I understand that IIS sets to 'on/off' but that's irrelevant for me. I am just wondering if I additionally need to check …  |
| | A 22 year old vulnerability, yes you read that right, has been discovered which some security experts suggest could be bigger than Heartbleed. The bug, reported as '[CVE-2014-6271:remote code execution through bash](http://seclists.org/oss-sec/2014/q3/649)' relates to how environment variables are processed: with trailing code in function definitions being executed independently of the …  |
| | Although based in New York, DaniWeb is very much a global community. I'm from England, for example, and our moderator Diafol (who will be well known to anyone who has ever browsed the [PHP forum]( https://www.daniweb.com/web-development/php/17)) is a Welshman through and through. I mention this as last week I went … |
| | while mining medical data set privacy is a major concern.i want to mine medical data and preserve privacy.so i need to mine medical data and group them according to diseases so that it can be used for research and publishing without revealing patients information .i planned to use lkc privacy … |
| | So it seems that an Internet Explorer zero day vulnerability allowed the back door to be opened that resulted in the [URL="http://www.daniweb.com/news/story252590.html"]hack attack on Google[/URL] and many others that has received such publicity this week. According to [URL="http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/"]McAfee[/URL] it has identified an Internet Explorer vulnerability as being one of the …  |
| | So, Microsoft and iSIGHT uncovered another 0-day vulnerability; this time impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012. iSIGHT [has detailed](http://www.isightpartners.com/2014/10/cve-2014-4114/) in the wild exploits of the vulnerability, and points the finger of suspicion at state-sponsored Russian interests. The Dallas-based cybersecurity outfit explained that the …  |
| | A Drupal security advisory, [SA-CORE-2014-005](https://www.drupal.org/SA-CORE-2014-005), rather embarrassingly states that: > Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. … |
| | At the start of the year, [DaniWeb reported](https://www.daniweb.com/internet-marketing/social-media-and-communities/news/470719/snapchat-plays-blame-game-after-hack) how Snapchat, the self-destruct photo messaging service, had been hacked and information regarding 4.5 million users had been stolen. Fast forward to now, and Snapchat is again in the mire: nude images have started to appear on 4chan which have been stolen …  |
 | File I/O With C++ Fstream **Intro** File handling is as simple as writing in a book, much easier to modify and find. It's so simple people get confused with it :-). Welcome to the world of file handling. We will use the c++ fstream classes to do our file handling. … |
| | I have a few good old computer which runs on Window XP without any problem so far. But what happen come next year when Microsoft put Window XP to rest forever. No security updates, no hardware drivers update, no third party software updates etc.. Dump the old computer and buy … |
| | Microsoft will stop releasing security updates, hotfixes and other updates for Windows XP SP2 on July 13th 2010. No biggie, you might think, after all Windows XP SP3 was released way back in April 2008 and since then we've had both Vista (perhaps best forgotten) and the much more palatable … |
| | More often than not I'll be writing about the security problems facing Windows XP users, such as when I recently reported how a large number of enterprises are still running XP SP2 machines which will shortly [URL="http://www.daniweb.com/news/story287954.html"]stop being supported by Microsoft[/URL] in terms of security updates, hotfixes and the like. … |
| | As well as being CEO of penetration testing specialists High-Tech Bridge, Ilia Kolochenko is also perhaps unsurprisingly a white hat hacker of some repute. Equally unsurprising is the fact that he has [warned](https://www.htbridge.com/blog/plugins_and_extensions_the_achilles_heel_of_popular_cmss.html) that security vulnerabilities in leading CMS platforms such as Drupal, Joomla and WordPress are effectively leaving the … |
 | One of the biggest security stories so far this year is that of the high school that remotely triggered webcams in laptops given to students -- which the school said it only did to help track stolen laptops, and which some students and families said was a violation of their … |
| | The Internet of Things (IoT) is something of a buzz-phrase right now, and locking down the IoT is certainly something that vendors across both security and hardware industries are talking up. The problem with the publicity surrounding stories of 'things' that have been hacked is that, well, they never really … |
| | There's a truism that I like to share with as many people as possible: if you don't want other people to see something, then don't post it online. It is, you might think, a pretty simple concept to grasp. After all, you wouldn't stroll into a bar with a megaphone … |
| | Reports started circulating yesterday that Gmail had been hacked, with some 5 million logins at risk. This follows the publication, on Tuesday, of a plain text list of Gmail usernames and passwords on a Russian Bitcoin forum. Within 24 hours the 'hack hysteria' had taken hold and people were being …  |
The End.