6 Deadly AJAX Drawbacks: Are you aware?
Some developers view AJAX as the silver bullet for every scenario. However, AJAX introduces its own set of hazards in various areas, which include:...
4 comments | Tags: ajax, javascript, security, xml
SOA Security 101: Patching the Firewall Hole
Service-oriented architectures have opened and connected “black box” software implementations across enterprises, resulting in a new set of...
1 comment | Tags: java, security, web services
Password authentication without revealing your password
The majority of personalized web sites use some kind of form-based password authentication where you have two form fields for username and password,...
5 comments | Tags: how-to, javascript, security
Torvalds: Fed up with 'security circus'
Linus Torvalds, creator of the Linux kernel, says he's fed up with what he sees as a "security circus" surrounding software vulnerabilities and how...
2 comments | Tags: opinion, security, unix-linux
Where is the Net::SSH bug
Yesterday I spent several hours trying to find the problem with our implementation of OpenSSL Cipher, that caused the Net::SSH gem to fail miserably...
0 comments | Tags: ruby, security, server, web 2.0
SQL Injection attacks in the wild - why they're working and what to do
Over the past several days, a significant number (in the thousands) of web applications, some of them well-known and well-used, have fallen victim to...
0 comments | Tags: database, security
Common Security Flaws In PHP Applications
No matter how long you’ve been programming or scripting, once in a while you’ll catch yourself making a serious (security) flaw that you thought you’d...
0 comments | Tags: how-to, php, security, standards
Web Application Security
How would you determine whether your website is being hacked or not? Read the way a hacker steals the information and hacks your website. Moreover, how...
0 comments | Tags: database, php, security, web services
Java Web Applications Spread Bots and Keyloggers?
In its report, Cybercrime Trends for 2008, Symantec claims, "Java-based Web applications—small programs, such as video players or interactive maps,...
0 comments | Tags: java, security, usability, web design
Google Releases an Open Source Cryptography Toolkit
Google has just released an open source cryptographic toolkit: Keyczar. The company is aiming to make inherently complex cryptography easier and safer...
2 comments | Tags: frameworks, java, python, security
Death from the mailroom – iPhone hacks your company from the inside
The Apple iPhone is great for phone calls and viewing YouTube videos, but it can also be turned into one heck of a wireless hacking tool capable of...
0 comments | Tags: mobile, security
PHP Code: Top Ten Security Vulnerabilities
Below follows the top ten security vulnerabilities that might be hiding in your PHP code.
0 comments | Tags: opinion, php, security, web design
Goodbye, Passwords. You Aren’t a Good Defense
THE best password is a long, nonsensical string of letters and numbers and punctuation marks, a combination never put together before. Some admirable...
1 comment | Tags: opinion, security
Game over for Vista?
This week at the Black Hat Security Conference two security researchers will discuss their findings which could completely bring Windows Vista to its...
2 comments | Tags: security, windows
Custom Authentication Schemes with Grails and JSecurity
In my current software project a requirement is an authentication scheme consisting not of the usual user name and password, but user name, password...
0 comments | Tags: frameworks, groovy, security
Grails security: Tomcat policy files
After some hours I got our grails application running in apache-tomcat 6.0.18 secure mode:
0 comments | Tags: frameworks, groovy, security, server
Ubuntu issues big PHP update
The Ubuntu development team yesterday released a series of security fixes for PHP running on Ubuntu 6.06 LTS, 7.04, 7.10 and Ubuntu 8.04 LTS. The...
0 comments | Tags: announcement, php, security, unix-linux
Top Ten Security Vulnerabilities in PHP Code
Rochak Chauhan lists his top 10 vulnerabilities, and what you can do to help stop them
0 comments | Tags: php, security
JavaRanch Journal, August 2008
Featuring articles on JAAS, IP to location, HashMaps and Pagination using JDBC and JSP
0 comments | Tags: database, java, news, security
Are Java Web Applications Secure?
One of the most extended beliefs about web applications is that most of them are insecure. This opinion is supported by statistics published by SANS...
1 comment | Tags: java, security, web design
Password : You're doing it wrong
I'd like to think that I deal with passwords the way most developers do. When dealing with registration or something else that requires the user to...
0 comments | Tags: opinion, security, trends, usability
Advanced Web Application Security
The security landscape has changed dramatically in the past 12 months. Unless you are aware of CSRF, JavaScript Hijacking and the many ways to fool...
1 comment | Tags: how-to, java, security, web design
Yes, cross-plattform Single Sign-On for Java Webapps is possible
A customer participating in the SVNSearch beta round asked me about Single Sign-On solutions for SVNSearch. SSO has become something of holy grail in...
0 comments | Tags: frameworks, java, security
WARNING! DNS cache Poisoning can put you in serious trouble!
Article on DNS cache poisoning and how to protect yourself from it
0 comments | Tags: news, security, tools, web services
Kevin Mitnick: Social engineering 101
Kevin Mitnick has proven that the weakest link in any security system is the person holding the information.
0 comments | Tags: security