If you are like me, you want to make sure that the software you run is as secure as possible. My partners and I even subscribe to several third-party services that actually scan our servers looking for exploits that could be taken advantage of by hackers or script kiddies. Since one of the most […]
UNIX System Monitoring
Pleth. I get the impression from Matt’s post that he likes the software pretty well, I know he’s not a big fan of any kind of bloated software. I checked Monit’s website this morning and was very impressed to see that they also have a free iPhone application that will allow you to track your […]
Ruby on Rails Vulnerability
So apparently there was an XSS vulnerability patched yesterday in Ruby on Rails that affected Twitter and Basecamp. The spin that a lot of people are trying to put on this story is that IE8 was immune to the cross-site scripting vulnerability, but I think that the focus should be put on the fact […]
Thoughts on Hacked Facebook Accounts & Security
This morning I noticed that a few of my friends had their Facebook accounts compromised over the weekend. Granted, this is not uncommon, and for the most part your friends will understand, but it’s still a nuisance. As a result of this weekend’s breakout, I had a couple of people ask me to do a […]
Locking Down Authentication Inside PHPRunner
One of the biggest challenges you face when building hosted applications is how to prevent brute force or guessed password authentications. Especially given the number of warez type applications that are out there that allow unsavory users to do just that. Well, I found a resource on Xlinesoft’s website that demonstrates how to do block […]
Critch on Drupal Security / PCI Compliance
Resident Server Administrator and all around Linux Guru, Matt Critcher, recently posted an entry on his blog about Drupal Security and PCI compliance. Matt has been running Drupal on his site for a while now and it seems to be working out well for him. I always look to Matt for security issues because he […]
Turkish Hackers Break Into US Army Servers
My partners and I have been around the block w/ some Turkish hackers in the past and even involved the FBI once during a pretty persistent onslaught and I walked away from that experience pretty impressed with their hacking talents. Defacing websites and planting rootkits on commercial servers is one thing but hacking into anything […]
33 Twitter Accounts Hacked
Update: 01/05/09: CNN has posted a little more information regarding this breach on their website, here’s a link. What I am wondering is what in the world do you do w/ a Twitter account once you hack it? It just doesn’t make a whole lot of sense to me, I guess I just don’t see […]
#phishingalert Attack Underway!
Over the past 20 or 30 minutes this evening I have seen a lot of tweets reporting a phishing attack that is apparently running rampant on Twitter’s social networking. If you get a Twitter direct message today reading: “check out this funny blog about you”, don’t do it. The link leads to a fake Twitter […]
Exploit Alerts from Google
Today I was waiting around for a meeting to get started and pulled up Google’s blog to read about their earnings report that was posted yesterday and saw where they had expanded their Webmaster Tools to include XSS Exploit notifications. This is a great idea in my opinion! My business partners and I were in […]