Hardening Framework plans to support PHP
The Hardening Framework is a security automation framework that applies secure default configuration while allowing customization for each deployment. It adds a layer to your automation framework that configures your operating...
PHPVatch, Top 1M websites leaking PHP versions
With just a few weeks until PHP 5.6 EoL, PHPVatch checks which of the Alexa Top 1 million websites are leaking their PHP versions.
Only 4.88% of these websites have...
PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library
Officially, Libsodium will be part of the core extension of PHP 7.2 after the RFC vote last week with 37 Yes and 0 No! Sodium is a new, easy-to-use software library for...
Composer Security Hardening
Composer is a dependency manager for PHP, and is the de facto one. It is great software developed by brilliant people, and Composer security has the necessary precautions in place to prevent...
Understanding CIDRAM: An Overview of the Advanced Security Tool for Web Servers
CIDRAM (short for "Classless Inter-Domain Routing Access Manager") is a web security tool that helps protect websites from malicious traffic. It uses a combination of IP blocking, HTTP header analysis, and...
What about relaunching the PHP Security Consortium?
The PHP Security Consortium was first launched in 2005, but since then the initiative has not seen any new development, even though it contributed many interesting security resources to the...
Facebook Like Clickjacking Vulnerability
Eric Kerr pointed out on his blog a vulnerability in the Facebook Like button which basically allows an attacker to trick you into Liking something without your consent.
How the attack works:
1....
The Spanner Blog: Bypassing XSSAuditor
The Spanner blog posted about bypassing XSS Auditor, a tool built into Chrome and IE and enabled by default to prevent XSS attacks or just doing some weird things to your page....
PHPIDS, PHP-Intrusion Detection System for your Apps
While we are talking about insecure PHP installations, we'll be sharing lots of tips and tricks about PHP security this week. If a PHP version is considered insecure, it doesn't necessarily...
Webinar: Securing Your Infrastructure Before, During and After Deployment
Snyk is organizing a webinar on October 14, 2020 at 3:00 pm CET titled "Securing Your Infrastructure Before, During and After Deployment". There will be three speakers from, respectively, Snyk, Pulumi, and...