Derek – WindowsTechs.com

git reflog is showing plain text password used as a secret texts or files in Jenkins

Posted on August 24, 2020 by Derek

We are using Jenkins Freestyle Project to push the changes on the remote server. We are executing shell script on remote host using ssh for it. To pull the changes on the remote server, we are using origin url with git username and git pas… Continue reading git reflog is showing plain text password used as a secret texts or files in Jenkins→

Risk from .mp4 on Android? [closed]

Posted on January 15, 2020 by Derek

I was cleaning out my phone today, and stumbled onto a video file I didn’t recognize in the top directory of my phone’s device storage. Without really thinking, I played it in Google photos, deleted it after seeing it was something I didn’… Continue reading Risk from .mp4 on Android? [closed]→

In apache, why www-data owner of a web application directory is safer than recursive 777?

Posted on October 21, 2018 by Derek

I have ubuntu 16.04 LTS and I am running my php web application through Apache (php-fpm). I am little concerned about files and directory permissions. Many links are suggesting that I should keep owner www-data or apache (Dep… Continue reading In apache, why www-data owner of a web application directory is safer than recursive 777?→

Fake referer is affecting my google search results

Posted on April 27, 2018 by Derek

Google search result of my wordpress site is different than original content. We have taken services of security expert and they have scanned the site and database but there is no modification in code and database. Neither th… Continue reading Fake referer is affecting my google search results→

Magento site hacked by unknown vulnerability

Posted on May 11, 2017 by Derek

Home page of my Magento site is hacked. A hacker put his javascript and html code in design/head/includes of table core_config_data. Somehow he updated value of design/head/includes from NULL to his script that’s why home pag… Continue reading Magento site hacked by unknown vulnerability→

Need to make secure apache while using cgi script in browser

Posted on March 5, 2017 by Derek

My apache server has cgi module enabled because we need to execute cgi scripts in browser. We have enabled suExec module of apache which allows to execute cgi script as a particular user, In our case that user is ubuntu and c… Continue reading Need to make secure apache while using cgi script in browser→

How to prevent DirBuster to stop listing apache server side files

Posted on May 11, 2016 by Derek

I have deployed a php project on apache. When I use DirBuster tool to scan my site, it lists all server side files. I want to stop this listing.

I have modified the permission. When I give the less permissions, which are necessary to open… Continue reading How to prevent DirBuster to stop listing apache server side files→

Remittance Adivce – word doc macro malware leads to #Dridex

Posted on March 17, 2016 by Derek

Last revised or Updated on: 17th March, 2016, 9:32 AMAn email with the subject of Remittance Adivce pretending to come from random names and email addresses with a malicious word doc or Excel XLS spreadsheet attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The name of the alleged sender matches the name … Continue reading → Continue reading Remittance Adivce – word doc macro malware leads to #Dridex→

Interparcel Documents – word doc macro malware leads to Dridex

Posted on March 17, 2016 by Derek

Last revised or Updated on: 17th March, 2016, 9:10 AMAn email with the subject of Interparcel Documents pretending to come from Interparcel <bounce@interparcel.com> with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. The email looks like: From: Interparcel <bounce@interparcel.com> Date: none Subject: Interparcel Documents Attachment: Shipping Labels (642079569307).doc Body … Continue reading → Continue reading Interparcel Documents – word doc macro malware leads to Dridex→

RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing – word doc macro malware

Posted on March 16, 2016 by Derek

Last revised or Updated on: 16th March, 2016, 2:28 PMAn email with the subject of RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing pretending to come from random names and email addresses with a malicious word doc attachment is another one from the current bot runs which try to download various Trojans and password stealers especially banking Trojans like Dridex or Dyreza and ransomware like Locky, cryptolocker or Teslacrypt. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers. … Continue reading → Continue reading RE: MINERAL & FINANCIAL INVESTMENTS LTD – Order Number 89785/682352/15 status updated to order processing – word doc macro malware→