How Composer Avoid Dependency Chain Attacks
In a blog post published by Nils Adermann co-Founder of Packagist, explained how composer manage dependency confusion and avoid security issues caused by other package managers to big companies such Apple,...
Symfony security : Disclosure of uploaded files full path
Fabien Potencier have just published a new security issue CVE-2018-19789 related to the disclosure of uploaded files full path that affect versions 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19,...
What about relaunching the PHP Security Consortium?
The PHP Security Consortium was first launched in 2005, but since that date the initiative didn't see any new development even if it contributed with many interesting security resources to the...
Essential PHP Security Book Reviewed
I have announced this book when it was first published in December 2005, Nine years ago or almost ! Today we are sharing with you a more detailed review of this...
Hardening Framework plans to support PHP
The Hardening Framework is a security automation framework that applies secure default configuration while allowing customization for each deployment. It adds a layer into your automation framework, that configures your operating...
PHPVatch, Top 1M websites leaking PHP versions
With just few weeks until PHP 5.6 EoL, PHPVatch checks top 1 million websites from Alexa Top 1 million sites which are leaking their PHP versions
Only 4.88% of these websites have...
Google Announces the end of SHA-1
The first SHA1 collision have just been announced in a blog post by a team from google and CWI Amsterdam. In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash...
PHPIDS, PHP-Intrusion Detection System for your Apps
While we are talking about unsecure PHP installations, we'll be sharing this week lots of tips and tricks about PHP security. If a PHP version is considered unsecure, it doesn't necessary...
INISCAN, The PHP ini scanner for best security practices
Since the PHPSecInfo is no longer updated, there is a similar tool which is recent, updated and could provides you with common security best practices for your PHP installations. Written by...
PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library
Officially, Libsodium will be part of the core extension of PHP 7.2 after RFC vote last week with 37 Yes and 0 No ! Sodium is a new, easy-to-use software library for...
Latest articles
Get Started with Laravel Volt: A Free Full Stack Laravel App...
Laravel Volt is an admin dashboard template that offers a comprehensive design and development toolbox for personal and commercial projects. It comes with handcrafted...
