Category "security"

Is there a way to use adb to force android to not timeout the lock screen?

I've been using a special keyboard (the messageEase keyboard) to type in my really long password to get in, and it works well enough, but when I try to use the

What is the safe way to adding an FTP user through PHP?

There is a form on the website with "FTP username" and "FTP password" for administrators. How to safely add the FTP user by PHP? Because curre

Is it safe to get user token from Microsoft graph API in front-end

so basically, I am checking if it is safe to expose client Id and to make API calls such as fetching user tokens and info from front-end I followed the document

How fix Configure Always on SQL Server error as shown below:

Replicate SQL image here Result error image description here

OAuth2 PKCE Flow - Using Access tokens securely from Single Page Apps

I have an Angular application that uses angular-auth-oidc-client for integration with KeyCloak server I use PKCE flow and I get the id token, access token and r

How to securely host file on RHEL server and enable download for user

I have programmed an application that users can use to process genome data. This application relies on a 10GB database file, that users have to download in orde

How to secure Elasticsearch's REST API via OAuth2 tokens?

In our company, we have an Elasticsearch cluster (ES) and another product (I'll call it DataProvider) that puts data into that cluster. These puts are made by c

Admin consent request - best practice for service provider to prevent confused deputy

We have an application that requires admin consent for some permissions in order to work. I read the admin consent endpoint documentation and as I understand, t

I want get some suggests to protect my services

I have one network service, I want get some suggests to avoid cyber attacks. who can help me? which production I can buy it for protect my service? how about cl

Snyk False Positives for XSS in PHP

We've recently started using Snyk to perform code analysis, however have hit the stumbling block that the first scan is reporting many (>700) XSS vulnerabili

how to secure nest js server on Heroku, I would like to know if the strategy I am using is secure or not

I am hosting my nest js server on heroku. I am using authGuards in nest js to validate the request using accessToken passed by client with the request (this acc

Create restrictions on the Laravel registration form

I want to create a registration form in Laravel that the user can only register once in the registration section of the site during a period of several months,

Do GKE clusters need a bastion host?

I'm hosting my frontend & backend servers with GKE (Gcloud Kubernetes Engine) with private nodes in a default VPC network like this gcloud beta container cl

How to see dependabot alerts only for the current branch?

I have a repository which uses ReactJS and has 39 vulnerabilities (all of them are in yarn.lock file) when I am on the master branch. Dev branch and a few other

Java/Spring: How to retrieve password from JBOSS vault

I am trying to modify out Java/Spring Framework web application to retrieve the Oracle database password from the JBOSS Password vault Currently, Our mvc-dispat

krbtgt account - RC4 Encryption Type

I was running running klist on my machine I can see 2 (TGT?) tickets with: Server: krbtgt/DOMAIN.COM @ DOMAIN.COM and KerbTicket Encryption Type: RSADSI RC4-HMA

Hacking a site with wddl, CAEj and LsBb?

On occasion our site will get hit with what looks like a series of attempted attacks. The comments on our blog posts will look like this: "wddL" - 5057 said on

springSecurityService.encodePassword for Spring Boot only

I have a legacy app made in grails which uses springSecurityService.encodePassword to generate user password. It's stored in database like this: {bcrypt}$2a$04$

Wildfly 26 elytron security domain config is not working

I am trying to migrate an application to wildfly 26, and i am trying to use elytron to secure the application. I successfully run this commands using the jboss

Module not found: Error: Can't resolve 'trusted-types' in '' angular

getting Module not found: Error: Can't resolve 'trusted-types' installed trusted types using this command npm i @types/trusted-types --force. and npm install t