[security] Forum Topics

The Apple iWork office productivity suite for the Mac has been around for ages, and was recently joined by an iOS version. iWork documents have, up until now, been seen as being pretty safe courtesy of the particular implementation of the 128-bit AES encryption Apple used to secure them. I …

Security researchers are warning that some 30,000 WordPress websites, 85% of them based in the US, have been compromised by a mass-injection hijack attack which sees visitors to any of more than 200,000 individual pages redirected to a Trojan infected rogue AV scam. [ATTACH=RIGHT]24076[/ATTACH]The senior security researcher with Websense Labs, …

Hey everyone, Our team at Dell SMB has recently put together a [Slideshare](http://goo.gl/oJtjH) of our most popular white papers. I hope this is helpful to the Daniweb community! Thanks, Mourin

Probably the most common Olympic Games 2012 scam is that of unofficial ticket sales. No great surprise there, but the fact that Google appears to be in on the act might come as a shock to many. So what, exactly, is going on? [ATTACH=RIGHT]23779[/ATTACH]A little known law in the UK …

The Iranian Cyber Army may be the latest elite military hacking squad to hit the headlines, but Iran has a long way to go if it's to catch up with China in terms of international data disruption. According to one newly published report into the threat from Chinese state-sponsored espionage …

I think my site has been hacked! I found these lines of code on all my php files and I didn't put them there. Problem is I don't know enough php to understand what this batch of code does. Could anyone please help? How bad is it? Here's the code: …

Following the arrest of 25 suspected members of the Anonymous hacking collective in Europe and South America, the INTERPOL website went offline. Coincidence? I don't think so. After all, Anonymous has already proven it isn't scared, or indeed incapable. of taking down law enforcement sites. Earlier in the month it …

i was a diploma in networking, and has be in the final year and need to do some network security project.. can someone give me an idea what things should i do for my project.. because i think i just want to do something that been related with router.. i …

I want to manually test my sites to check if they are secure against SQL injections. Whats a good way to attempt it. How do I get started? thank you

hi there can anyone tell me if its possible with php to use certificate to autenticate to a web application admin area instead of using common username and password? and is there a vps web server that can encrypt the whole drive and database of my application, for it may …

The Ainslot.L Trojan appears to be much the same as any other at first glance; logging user activity and sending Gmail and Facebook passwords to the bad guys, downloading further malware, taking over your computer and the main payload of being a Banking Trojan stealing account login data. But Ainslot.L …

I want to build a network protocol analyzer, but I really don't know where to start. Obviously, I don't want the code in hand, I can think it up myself -- but the problem is a little more specific - where do I look at to get the IPs passing …

Hello, I'm developing an e-commerce site in a LAMP environment. Is it advisable to separate data on to different servers (i.e. to have one server as the web server and another server to house transaction and other customer data)? In other words, from a security perspective is there any reason …

If you use, or operate, a password-free wireless network then legal action being taken in the US by the adult movie industry might just be about to rain on your parade warns one European IT threat mitigation expert. [ATTACH=RIGHT]23826[/ATTACH]The lawsuit was filed by Liberty Media Holdings, a producer of adult …

Hello! Is there a way to hide the password of your database inside the source code? [CODE=vb.net]"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" & Application.StartupPath & "\Database.accdb; Jet OLEDB:Database Password = [B]MyPassword[/B]"[/CODE] As you can see the password is exposed, increasing the risk for the database to be compromise. Is there anything you can suggest …

[URL="http://en.wikipedia.org/wiki/Man-in-the-middle_attack"]Man-in-the-Middle (MITM) attacks[/URL] are, sadly, not news these days; they are a fact of online life. But word of how the latest SpyEye Trojan-driven MITM attacks are using clever post transaction fraud systems to effectively erase the evidence of the crime from the victims' view certainly deserve to be. Attacking …

British software developer Conseal Security has just launched a rather clever solution to the problem of securing the data on your portable media such as USB thumb drives and portable hard drives while at the same time maintaining fully centralized control of the management of those devices without breaking the …

hey fellow PHP developer, Is there any way we could protect our PHP source code from being modified after a 3rd person receives the code? I had developed a web application and when i give the source code to another person i want it to be write protected. Currently i …

I know this question is extremelly hard to answer without actually checking how I setup my server, but I wondered if anyone could give me a quick rundown and/or information as to how I could check and protect it further. I am running a Web Hosting Server using old computer …

I have the following PHP: [CODE]<?php define('DB_NAME', 'database'); define('DB_USER', 'root'); define('DB_PASSWORD', 'password'); define('DB_HOST', 'localhost'); $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if (!link){ die('Could not connect to database'); } $db_selected = mysql_select_db(DB_NAME, $link); if (!$db_selected) { die('Could not connect to the database'); } $value = htmlspecialchars($_POST['Name']); $value2 = htmlspecialchars($_POST['Email']); $value3 = htmlspecialchars($_POST['Subject']); …

I am currently using MySQL so people can send my a message that shall be stored in the database. The only issue is I have no idea how to protect against SQL Injection, below is my HTML: [CODE]<form action="Action.php" method="POST" /> <p>Name: <input type="text" name="Name" /> </p> <p>Comment: <input type="text" …

How will Microsoft differentiate Windows 8 in an already crowded Windows OS user space? How about, for one, with the use of a photographic gesture security system for logging in? The idea of using a photo to identify and authenticate the user is not without some pretty obvious problems (ambient …

I am wanting to set up a home server using an old computer, after doing some costs it would work out considerably cheaper than using a hosting service, and although less reliable I feel it would be some good and valuable experience. I have installed Ubuntu server edition onto my …

Sykipot is not a new Trojan Horse by any means, but the variation found to be attacking Department of Defense smart cards is certainly something that government agencies need to be worried about. United States government agencies, that is. It's doubtful the Chinese government will be too worried about them, …

Hii I have a work network and all computers have the same workgroup name, but the workgroup is a part of whole bulding network. I wanted to restrict access to on of the computers to only employees at the office and I enabled guest account on that computer an set …

Recently, I removed Windows XP Security 2012 and was left with a process called ping.exe which uses enormous amounts of CPU. I am in the process of completing the sticky guide ([url]http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865[/url]) and am currently running scan #2 using GMER. I have ran the Windows Malicious Software Removal Tool, ATF-Cleaner, …

Most of the reports out yesterday about the release of [URL=http://www.microsoft.com/ie8]Internet Explorer 8[/URL]Beta 2 focused on its so-calledInPrivate Browsing, which leaves no trace of the Web sites you visit and protects anonymity. And while that's certainly useful, developers are likely to be more interested in its improvements in DOM and …

(This is my first post.) As the title suggests, I want to know of any security vulnerabilities there are in Windows 98. I have just installed Windows 98 on a virtual machine, and I wanted to see if I could exploit it somehow. The reason why I want to do …

Hi! Im new to php web development. I am developing an online shopping system where theres an admin page that allows him to add, edit, delete category and products. to cut the story short, what I want to know is, is it safe to save the table for admin username …

With the recent announcement of an easy way to gain root access for Android phones running 2.3.4, to add to the list of similar exploits for earlier versions and 3.0 and beyond, it should come as no real surprise that the bad guys are taking advantage of the relative weakness …