Posts Tagged ‘security’
Locking Down Your Linux Server with APF + BFD
Posted on October 18, 2011 by snipe in Featured, Web Development
If you allow SSH access to your server, there are some simple steps you can take to restrict access and protect yourself from brute force attacks. Two of my favorite scripts to do this are Advanced Policy Firewall coupled with Brute Force Detection, both by R-FX Networks.
Rogue Antivirus Attacks Tailored to Mac and PC
Posted on May 7, 2011 by snipe in Featured, Life Tools
Rogue antivirus is a term used to describe a trojan (called such because it is a malware file disguised as a file the user has been convinced they want to open) that uses social engineering to trick a user into thinking their computer has been infected, and offers a free antivirus download to “clean” their [...]
New Facebook Page Admin Scam
Posted on May 3, 2011 by snipe in Featured, Web Development
A new scam has come to our attention, one that’s a new take on an old trick in Facebook. Scammers are adding users as page administrators on a page that’s got a poisoned IFRAME set as the default tab.
iPhone/iPad Apps for Coders and Sysadmins
Posted on April 28, 2011 by snipe in Featured, Web Development
It wasn’t that long ago that I scoffed at the idea of the iPad, or at least thought it would never have any place in my tech toolkit. I finally broke down and got one, and it’s changed the way I work, largely because of the number of fantastic apps out there. We’re finally at [...]
Know Your Social Media Scams & Rogue Apps
Posted on March 3, 2011 by snipe in Featured, Life Tools, Tips & Tricks
As the number of scams and malware threats increases on Facebook and Twitter, it can be hard to keep track of what’s legitimate and what’s not anymore in a way that is in plain English for non-techies, who are arguably the ones who need this information the most.
Facebook Introduces HTTPS Opt-In for Users, Impacts App Developers
Posted on January 26, 2011 by snipe in Featured, Web Development
In an article posted today on the Facebook Developer Blog, Facebook announced that they would be offering users the option to switch their Facebook experience to HTTPS-only, which would force all Facebook page loads to be routed over SSL.
Security Keynote Download
Posted on January 13, 2011 by snipe in Freebies, Tips & Tricks
I recently gave a low-tech security and social engineering talk at my company to help raise awareness of better password practices and scenarios to be on the lookout for. The deck is 36 slides, and you can download it in PDF, .key or as images.
Upcoming WordPress Security Book
Posted on November 5, 2010 by snipe in Featured, PHP/mySQL, Web Development
I casually asked a few of you (okay, almost 8,000 of you) if there would be any interest in a commercial (but cheap) e-book on securing, monitoring, and un-hacking WordPress. I received enough “yes”, “absolutely” and “hell yeah!” replies that I decided to move forward with this project.
Firefox Addons for Penetration/XSS Testing
Posted on October 14, 2010 by snipe in Featured, PHP/mySQL, Web Development
2010 was supposed to be the year of the Tiger, but it’s felt more like the year of Pwny so far. This article covers some Firefox add-ons that help you test your own apps, whether you’re working with a penetration tester, or by default, you are the penetration tester.
Upgrading to WordPress 3.0 and Adding Multi-Site
Posted on June 19, 2010 by snipe in Featured, PHP/mySQL
WordPress 3.0, code name “Thelonious”, has been released, and it brings multi-site functionality as part of the core. As someone with far too many blogs of my own, I thought this would be a great time to start switching them all over, and let you know what you’re in for if you choose to do [...]
An Open Letter to Rackspace Cloud Hosting
Posted on January 28, 2010 by snipe in Featured, Web Development
I just received an automated email from Rackspace that made my brain melt. It’s no secret that a lot of websites have been hacked lately. One thing they seem to have in common is that they’re all running WordPress, and a lot of them are hosted at the Rackspace Cloud.





