Because of unsafe NTP practices, internal clocks on remote machines can be manipulated under the right conditions. Once time is altered, expired SSL certificates become valid again and causes HSTS policies to expire.
But what about authentication? Certain TOTP implementations such as popular WordPress plugins also rely on the local timestamp.
This article demonstrates a proof of concept for accessing two-factor authentication protected WordPress dashboards.
This post guides you through the process of setting up PGP on OS X and registering a Keybase account. Configure Thunderbird and create a verified Keybase profile that allows you to send and receive encrypted email messages with other Keybase members.
One of the security risks of software development is passwords and other credentials hard-coded into the source code.
A quick analysis of the leaked Ashley Madison dumps shows that software developers of AM forgot about these risks. Their source code contains AWS tokens, database credentials, certificate private keys and other secret credentials.
The consequence of this is a more vulnerable infrastructure, which probable made the lateral movement easier for the Impact Team.
Even pure technologists have to write security policies in an enterprise environment. As a subject matter on something, technology experts might be asked to contribute to the Software Development or the Internet Acceptable Use policies.
However this leads to policies that nobody reads. Copy-and-paste texts, dry language and 60-page long documents. Rings a bell, anyone?
In the following post I reveal a few tricks up my sleeves for writing simple, crystal-clear and straightforward security policies.
While ISPs in the UK and other countries are blocking file sharing websites such as The Pirate Bay, movie-lovers have different alternatives to circumvent these restrictions. One popular way to overcome the filtering is using mirrors.
Torrent mirrors are essentially reverse proxies, which are forwarding HTTP traffic between the UK and the original sites hosted elsewhere. Data supposed be left intact and the only difference should be the address in the URL bar.
This experiment proves however that 99.7% of the tested BitTorrent mirrors are injecting additional JavaScript into the web browsing traffic. A great share of these scripts serve content with malicious intent such as malware and click-fraud.
Purge those nasty JSESSIONID and PHPSESSID parameters from the URL bar. Now. Sensitive data in GET parameters are bad. Even over HTTPS.
Check out this session ID killer proxy built on nginx, that converts these sensitive query parameters into safe and secure cookies.