Collaborate Disseminate
NOT a duplicate of: NoScript: How to determine which sites/scripts to whitelist?
The above referenced question and its answers focused on how to "gauge the trust" of the various sites that provide scripts. This is hugely valuab… Continue reading Noscript: Where in the browser’s ‘inspector’ can I correlate a script source site with specific page functionality
The newly designated APT45 pursues military intelligence but has been expanding its targets, Mandiant says.
The post North Korean hacking group makes waves to gain Mandiant, FBI spotlight appeared first on CyberScoop.
Continue reading North Korean hacking group makes waves to gain Mandiant, FBI spotlight
One of my classes is a term project to be planned, implemented and delivered and which solves a cybersecurity problem. It can either be analytical or practical, and must be at least a hundred hours of work.
So far my ideas are securing my … Continue reading Cybersecurity project ideas [closed]
My neighbor is hacking my pc and I am using a vpn and is watching as I type on my pc. The vpn is active and he can still block specific websites on my laptop, but it works in other devices.
My family just recently change wifi password to … Continue reading How to stop a hacker from blocking specific websites [closed]
This question (How safe are employee laptops in China against International corporate espionage?) got me thinking – what is the proper way to go on a business trip to China and protect your laptop. What are best practices and no-gos?
Is it… Continue reading How to properly protect company laptop on a business trip to China [duplicate]
Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change.
The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which will remain in service through the year 2070. These jets, which are wholly unsuited for countering proliferated low-cost enemy drones in the air littoral, present enormous opportunity costs for the service as a whole. In a set of comments posted on LinkedIn…
We have an application that holds a bunch of passwords in an encrypted vault for various purposes. What is the best practice for storing the key for that vault? There feels like there’s a bootstrapping problem where the master key needs to… Continue reading Sharing the key to a password vault securely
Say that I have generated an RSA keypair, which I intend to publish only for use with RSA-KEM; I can see that this is provisioned for:
The intended application for the key MAY be indicated in the key usage certificate extension (see RFC 5… Continue reading Does self-signed encryption certificate violate "no multi-use keys" principle?
I’m building a website with Patreon integration and I have identified the need to store Patreon user’s OAuth2 token in the database. I’m wondering what’s the best way to do that, security-wise. Some considerations:
The token doesn’t give … Continue reading What are the best practices to safely store OAuth2 tokens in a database?
We are looking into reviewing our organization OS/DB hardening checklist (done by predecessor). We’re aware that there are various benchmarks out there like CIS & STIG to guide on that, and the current checklist is rather a short list … Continue reading OS/DB Hardening Checklist Drafting Process