security

Securing your cPanel server is crucial and may not be as complicated as you thought. Here mentioned 7 ways to boost cPanel security, make sure to ensure these cPanel Security tips

Hello, In case of foundation a new business, I put up my VPN service for sale. https://headvpn.com HeadVPN service was founded in 2014 and continues to this day. The main advantages of our VPN service: + Easy to Install & Use. We have prepared all necessary setup tutorial for all...

Welcome, and thanks for Visiting. We are a Virtual Private Cloud (VPC) specialist. Our services allows you, to isolate your compute instances from the Public Internet, providing you with multiple layers of security, privacy and anonymity. If you need simplicity, Speed, agility, Security and...

I have multiple web sites (and a few other processes) I want to run in an environment that is flexible and as low maintenance as possible. This includes my sites and customer sites, production and development. Most share a common platform (Python, Django, Postgres, Linux (mostly Debian)). I need...

Article Link: http://krebsonsecurity.com/2016/08/the-reincarnation-of-a-bulletproof-hoster/ Excerpt:  @HostSailor, any comments?  Curious as to what the purpose of this all is. 

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict: RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY HTTP_PROXY is a popular environment...

So maybe you live under a rock and avoid news sites, congrats on being a rare creature and happy day to enjoy that quiet by the stream. Rest of us have been snorting as the Panama Papers hack job matures and controlled media IV drips bits and pieces (even though they've had the data for a...

Do we have any resident cobblers / DIY types who are using Linux for CCTV / security related? I mean legit Linux DIY not premade embedded systems. I am fussing with some China dump wifi cameras (read cheap).  Quite interesting little units for the price (bound to be more like them). ~ $15 a...

Interesting reading...   l report: https://oag.ca.gov/breachreport2016

Hi all, I posted before about this tool,but i didn't have time for updates last few months and in last few weeks few nice people asked when tool will be updated. I took few evenings hours and i made first version to support Devuan and Debian 8. What this tool is about 1. Easy way to set...

Arbor Networks annual Worldwide Infrastructure Security Report: one of the highlights is a 500 Gbps DDoS attack sustained by one of its clients last year https://www.arbornetworks.com/images/documents/WISR2016_EN_Web.pdf (115 pages )

Mystery Database Owner Exposes 191 Million US Voter Records Online A security researcher has discovered a database of 191 million American voters including personal information unprotected on the internet due to misconfiguration, according to media reports. On December 20 DataBreaches.net...

If you want to force SSL everyone on your website just add these rules to a .htaccess file the htdocs (www) root of your webserver. Hint: This also works on subdomains, just put it in the root of the folder at which the subdomain is pointed to.

http://www.extremetech.com/computing/212038-oracle-tells-its-customers-to-stop-analyzing-its-code-for-security-flaws#disqus_thread Source ^ : Whats your take on this? 

More: http://www.securityweek.com/amazon-releases-new-open-source-implementation-tls-protocol Just a server implementation, as far as I can tell, not a client implementation. Still, good news.

Text of the notice: https://blog.lastpass.com/de/2015/06/lastpass-security-notice.html/

Not sure if you guys new about the issue yet just wanted to give you guys a heads up as I was updating my systems and found this on the alert. More info on this site link below a little snippet of info from the site about the security issue. http://venom.crowdstrike.com/ VENOM, CVE-2015-3456...

https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/ Mozilla has posted an announcement to their security blog that they are deprecating plain HTTP without encryption. They plan to do that by: Presumably nothing will happen until after Let's Encrypt's free certs are...

Apparently tomorrow the OpenSSL team is releasing a new update and are urging people to update as soon as it's made available. Apparently there's a serious bug fix involved. https://mta.openssl.org/pipermail/openssl-announce/2015-March/000020.html

It looks like the researchers are at it again with a new SSL/TLS vulnerability - CVE-2015-0204 or the FREAK attack. Naturally, details are available on the exploits website: https://freakattack.com/