Stefano Marinelli · @stefano
813 followers · 1837 posts · Server mastodon.bsd.cafe

A few days ago, someone asked me for advice about a slow website.
Upon analysis, the server wasn't the issue—it was running on bare metal. However, the site was operating on PHP 5.4 (default for CentOS 7) and was entirely custom-made.
I suggested updating everything, especially since CentOS 7 is nearing its EOL, and transitioning the web application to work on PHP 8.
Their response? "We don't want to do it." They wanted me to set up a new, optimized server to run PHP 5.4. I explained the risks and the nonsensical nature of this, only to hear that they found someone willing to install PHP 5.4 on a new system. So, if I refused, they'd give the job to someone else.
I replied, "Good luck," and ended the conversation.

It saddens me that some in the IT world would opt for such shortcuts rather than striving for a more secure web.

#linux #centos7 #websecurity #techethics #servermanagement #sysadmin #php

Last updated 2 years ago

Lulu Powerful · @lulu_powerful
173 followers · 722 posts · Server fosstodon.org

Hellloooo, Web Security Mastodon. :)

I have a question if you don't mind indulging me. I've used a VPN for a while, but all of a sudden, a bunch of popular retail sites have stopped working for me - unless I turn off my VPN.

Same thing is happening to my family member, who uses a different VPN.

I use a Chromium-based browser (I know, I know, I have excuses lol), and he uses a Firefox variant.

So... has it begun? Is this the start of the "web integrity" apocalypse?

#websecurity

Last updated 2 years ago

AzureTracks · @azuretracks
0 followers · 33 posts · Server techhub.social

Tip: Safeguard your web browsing experience with Microsoft Defender SmartScreen. It blocks known malicious websites and helps protect you from phishing attacks.

#websecurity #microsoftdefender

Last updated 2 years ago

Skyper 💻🎧☕📖 · @Skyper
28 followers · 222 posts · Server fosstodon.org

@zaproxy is now mentioned in the "Built with Kaitai Struct" section of the official website of the project!

Kaitai Struct has been used to generate the parser of ".DS_Store" files baked into ZAP to detect potential hidden files when crawling websites with its Spider tool.

#security #infosec #hacking #web #websecurity

Last updated 2 years ago

HTTPLeaks - All possible ways, a website can leak HTTP requests

github.com/cure53/HTTPLeaks

#pentesting #websecurity #infosec

Last updated 2 years ago

FastRuby.io · @FastRuby
27 followers · 97 posts · Server ruby.social

There is no greater threat to your Rails app than exploitable code.

ICYMI: Our Rails security webinar is out and free to watch! Check out our new blog to watch it, as well as Ernesto’s slides. Make sure to bookmark our resources linked throughout—you’ll need them!

fastruby.io/blog/fortify-rails

#rubysec #security #infosec #cybersecurity #websecurity

Last updated 2 years ago