Top new questions this week:
|
|
I created an online account and received the usual welcome email. In addition, however, an “Undelivered Mail Returned to Sender” email appeared in my inbox one second later. I am the …
|
|
My modsecurity log produces lines like this in section H: Stopwatch: 1672766910416996 75370993 (- – -) Stopwatch2: 1672766910416996 75370993; combined=8155, p1=1356, p2=5617, p3=149, p4=895, p5=137, …
|
|
When I looked up hardcoded password vulnerability in software world, I saw there are three kinds of vulnerabilities. These are that: CWE-798: Use of Hard-coded Credentials The Hardcoded Creds …
|
|
I host my website by my own using droplet/VPS service and node.js server. My wesbite uses SSL Cert/HTTPS from LetsEncrypt, VPS service from DigitalOcean, domain registered from local vendor (RumahWeb) …
|
|
My building gave me a single fob. I made 3 copies of it for my family and they all opened the building entrance but not my actual apartment door, until one day the building told me they had noticed I …
|
|
We have an oauth implementation, which was chosen because of the following reasons: session sharing across different applications easy to reason about the security considerations as oauth is well …
|
|
I’ve noticed that there are two types of wireless headphones / headsets / earbuds on the market – bluetooth and 2.4 GHz wireless (via proprietary dongles). Good example of headset that has both – …
|
Greatest hits from previous weeks:
|
|
I have an internet connection with a static IP address. Almost all staff in my office know this IP address. Should I take any extra care to protect myself from hackers?
|
|
Once an attacker has a shell as your sudoer user (or just compromised a local process enough), he/she can use one of the many privilege escalation tool to even automatically put themselves for example …
|
|
I have a public key generated with ssh-keygen and I’m just wondering how I get information on the keylength with openssl?
|
|
How easily could someone crack my keepass .kdbx file if that person steals the file but never obtains the Master Password? Is this a serious threat, or would a brute force attack require massive …
|
|
To deposit money into your account, some websites require that you provide them with a lot of details about your bank account: name, complete address and IBAN which includes your account number and …
|
|
I just got a call from a very weird number. On my phone it displays as “+1 (1) (5 )” and “USA” below. I answered the call and there was 100% silence. Then about 2 seconds later the call ended. Next …
|
|
Is it possible to provide a subjectAltName-Extension to the openssl req module directly on the command line? I know it’s possible via a openssl.cnf file, but that’s not really elegant for batch-…
|
Can you answer these questions?
|
|
I have a web server. I was investigting why my nginx is keep crashing. I noticed a few other issues in my logs. Note: In the log report, I replace the name of my website with example.com and my second …
|
|
I was wondering if it’s possible to only store and read a ssh private key on a yubikey and not read the private key the yubikey generated from a client computer? Currently the only way it seems to …
|
|
DP-SGD algorithm adds noise during training, but consider a mechanism that adds the noise to the outputs after the normal training process. I read that it reduces privacy for every query, but can …
|
