Collaborate Disseminate
We have our web app / REST API getting tested by potential customer. In the report they came up with this issue:
Sensitive data like user credentials on login page, password reset,
change password etc. are sent in clear text format. If se… Continue reading OWASP Pentest – "Sensitive data sent in clear text" [closed]
and this is the text
SAMSAMFASFABSFNAF UANSFUNASFMN ASDASDASDAS SADFDS SF SD DSADASDASDASDASDSADASDASDISFASIUNFUAUSFNASFYGBNFDLBDF; B
IBFDFL, BDLF, BJNS BS UNBUSF N BSNFB SUFNBUSBNSFNBN USFNBUSFNB RSFNBUNFSBUNSFBNSFKBMKSFNBSFJ BJNFSBJNSFJB… Continue reading I Want a Decrypt a Text But i Dont Have Key Or Anything [closed]
An organization my friend works for was recently hacked, and the hackers published a file with over 100,000 names and passwords, including theirs. An IT person in the organization told me that the hackers seem to have found an encrypted fi… Continue reading Hacked list of AD logins and passwords
ESET released a report that summarizes key statistics from its detection systems and highlights notable examples of its cybersecurity research. The latest issue of the report highlights several concerning trends that were recorded by ESET telemetry, in… Continue reading Large ransom demands and password-guessing attacks escalate
Password managers are designed to manage and store passwords, so it makes logical sense that the master password should also be stored within the password manager. However, there are conflicting reports online about whether or not it is a … Continue reading Should I store my password manager’s master password inside of the password manager itself? [closed]
I was certain I’d find a question asking this, but a search didn’t return any results.
I have 2FA enabled on my Microsoft account, which requires me to approve all sign-ins using the Microsoft Authenticator app. My understanding is, after … Continue reading How can a Microsoft "unsuccessful sign-in" trigger a 2FA request?
As a regular PC user of Remote Desktop sessions, you may for one reason or another want to change…
For more, visit TheWindowsClub.com. Continue reading How to change User Password in an RDP Session in Windows 11
With each passing day, the threat of ransomware increases in frequency, sophistication, and effectiveness. What started as a simple annoyance scheme to collect a ransom has evolved into a mature ecosystem of Ransomware-as-a-Service (RaaS) providers lev… Continue reading The biggest problem with ransomware is not encryption, but credentials
I recently discovered the problem with Percent-encoding.
It makes perfectly sense when we are dealing with such problem in a browser scenario. But I don’t get why a software like WinSCP can be affected by the same issue.
In my opinion the … Continue reading Percent-encoding in WinSCP in SFTP password, why?
I use the same email address for the AWS root user and my Amazon shopping account.
Unfortunately the password for both parts of Amazon is also the same, when I change the AWS password I automatically have the same for the shopping part.
Bu… Continue reading Not the same password for AWS (root user) and Amazon.com shopping, because that is not secure in my eyes