In order to fish our spammer’s emails and other identifying information, you can use your mail clients’ log files and/or junk email. Here is how to get started.
Archives for 2016
Google I/O 2016 conference planned for May 18, registration kicks off on March 8
Sundar Pichai, Google’s CEO, took to Google+ today to announce that the company’s annual developer conference, Google I/O 2016, would take place at the Shoreline Amphitheatre in Mountain View on May 18-20. If you plan to attend, mark your calendars now! The registration kicks off on March 8th.
This Google I/O is going to be huge. Sundar Pichai will celebrate its 10th anniversary with an exciting keynote and countless surprises. Stay tuned!
DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!
A recently discovered security vulnerability in OpenSSL allows a long-deprecated protocol, SSL v2 (Secure Sockets Layer) to be misused in attacks at modern websites. The new attack has been, perhaps fittingly, dubbed DROWN, an acronym for Decrypting RSA with Obsolete and Weakened eNcryption. Cyber security analysts believe it might shut down–or shall we say drown, more than one third of all HTTPS servers. Is yours one of them?
Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks
[Updated 2019-03-17] Are you wondering why some JavaScript code from external domains simply won’t execute on your website? The reason could be as simple as an overly restrictive Content Security Policy (CSP for short). This article explains how you can create a Content Security Policy that’s both protective and functional. It will help you to secure your web server from some types of cross-site request forgery (XSRF/CSRF/XFS), clickjacking and other code injection attacks.
How to renew a Letsencrypt certificate
In a post titled How to Set Up Letsencrypt, the SSL-Certificate Engine for the Cloud Era of Hyperscale, on AWS EC2, we have introduced you to this free, open, and fully automated Certificate Authority backed by the likes of Facebook (a gold sponsor), and discussed a manual setup for adventurers in How to Use Letsencrypt across Servers in the Manual Configuration Mode with a CSR.
Now is the time to discuss how to extend the validity of a Letsencrypt certificate for up to another 90 days of blissful happiness.