Security

Web Security is a significant concern for me. Over the past few years, I’ve been learning about ethical hacking and the broader field of web and server security and one topic that has always intrigued me is session hijacking. While many security threats, such as weak passwords, SQL injections, and cross-site scripting (XSS), have been mitigated and are relatively easy to fix, session hijacking remains a persistent threat. Its ease of exploitation and potential damage make it a serious risk to web applications. ...

As of 0.56.0 release of django-allauth (2023-09-07) the support for Multi-Factor Authentication (MFA) has been added. This is great news for the Django developer as it allows to easily add MFA to your applications, but the documentation is still a bit sparse, and it appears that the feature is not widely known yet. ...

As good of a developer you are, you are not immune to data loss, mistake happen either by you or an outside force, so it is important to have a backup strategy in place and this need to be done before you need it. One of the most popular backup strategy is the 3-2-1 backup strategy, but what does it mean and how can you implement it for almost no cost and effort? ...

Few days ago I started receiving concerning email directly to my work email address, the email was from a so-called bug bounty hunter that was claiming to have found a vulnerability in one of our products, the email was very generic and it was not clear what was the vulnerability, the only thing that was clear was that the person was asking for money to disclose the vulnerability. ...

One topic I am fascinated by is cybersecurity, hacking and the work of penetration testers, if you are like me, read on this article is for you. What is Darknet Diaries? Darknet Diaries is a podcast about hackers, breaches, shadow government activity, hacktivism, cybercrime but also about security professionals and researchers. The podcast is hosted by Jack Rhysider, a security professional with over 15 years of experience in the field. ...

I am a long time user of DigitalOcean and I have been using many of their services for more than 6 years, including their Cloud Firewall. I have been using it for a long time and I have been very happy with it. Most of the time when people create a new droplet they just leave their server open to the world, which is not a good idea, especially if you are running a production server. ...