Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home Archives for Filipe Martins
How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

Filipe Martins 2023-01-31 Leave a Comment

How to Activate HTTP/2 with TLS 1.3 Encryption in NGINX for Secure Connections without a Performance Penalty

 

Are you ready for a better security with no performance penalty? Are you ready for a performance bump that can take you places in search engine land? In other words: now that HTTP/2 reached production-grade maturity, nothing should hold you back.

The IoT  revolution will make sure that only the paranoid survive.

[Read more…]

Filed Under: cloud, edge and everything in between, cybersecurity and cyber warfare, web servers in the cloud Tagged With: cipher suites, Diffie-Hellman, ECDHE, FLAME, HSTS, HTTP/2, NGINX, SHA-1, SHA-2, SSL, TLS

SELinux security contexts: correcting SELinux labels on a file system

Filipe Martins 2022-03-21 2 Comments

SELinux security contexts: correcting SELinux labels on a file system

SELinux can be such a nuisance. In particular, if you have a newly created file system, you will need to add labels to it, also known as SELinux security contexts.

[Read more…]

Filed Under: Linux, NGINX, SELinux, Uncategorized Tagged With: cyber security, SELinux

DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!

Filipe Martins 2016-03-01 Leave a Comment

DROWN, a New Attack on OpenSSL: Millions of OpenSSL-Secured Websites Are at Risk!

A recently discovered security vulnerability in OpenSSL allows a long-deprecated protocol, SSL v2 (Secure Sockets Layer) to be misused in attacks at modern websites. The new attack has been, perhaps fittingly, dubbed DROWN, an acronym for Decrypting RSA with Obsolete and Weakened eNcryption. Cyber security analysts believe it might shut down–or shall we say drown, more than one third of all HTTPS servers. Is yours one of them?

[Read more…]

Filed Under: administration and orchestration, alerts, cloud, edge and everything in between, cybersecurity and cyber warfare, news Tagged With: DROWN, HTTP/2, OpenSSL

Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks

Filipe Martins 2016-02-22 Leave a Comment

Create a Content Security Policy to Protect Your Web Application against XSRF/CSRF/XFS, Clickjacking and Other Code Injection Attacks

[Updated 2019-03-17] Are you wondering why some JavaScript code from external domains simply won’t execute on your website? The reason could be as simple as an overly restrictive Content Security Policy (CSP for short). This article explains how you can create a Content Security Policy that’s both protective and functional. It will help you to secure your web server from some types of cross-site request forgery (XSRF/CSRF/XFS), clickjacking and other code injection attacks.

[Read more…]

Filed Under: administration and orchestration, cloud, edge and everything in between, cybersecurity and cyber warfare, encryption, Uncategorized, web servers in the cloud Tagged With: CSP, cyber defense, cyber security, cybersecurity, NGINX

How to Restore Your Instance Data from a Backup using Snapshots on AWS EC2/EBS

Filipe Martins 2016-02-16 Leave a Comment

How to Restore Your Instance Data from a Backup using Snapshots on AWS EC2/EBS

You are writing all these backups as individual EC2 snapshots and/or full AMIs on AWS EC2 but how can you actually use them, should disaster befall your data?

Here is how to do that on Linux.

[Read more…]

Filed Under: administration and orchestration Tagged With: AWS, EBS, EC2

  • 1
  • 2
  • Next Page »

Subscribe

SSL/TLS Certificate Square (250 x 250)

Tag Cloud

AWS AWS Billing Dashboard AWS Config AWS Cost Explorer AWS EBS AWS Resource Explorer AWS Tag Editor AWS Trusted Advisor cipher suites cyber security Diffie-Hellman EBS EC2 ECDHE Five Eyes Alliance FLAME HSTS HTTP/2 Java Linux Log4j NGINX NVMe PHP RCE Route 53 SELinux SHA-1 SHA-2 SQL SSL TLS

Pearson Education (InformIT)

SSL/TLS Certificate Medium Rectangle (300 x 250)

©2022 CybrAnalytiqa OÜ

  • Content purchasing and syndication