Best of Security — July 2022
- 3
System Weakness·4y
Dockerize a MERN Stack app for Production with Security in Mind (Part II)
This post is the second part of a two-part series that covers how to make a MERN stack application production-ready with security in mind. The first part of this series was more of a theoretical post to grasp the basic concepts of what we want to achieve.
- 4
codeguru·4y
Top 10 Security Testing Tools for Developers
Security testing is the practice of evaluating an information system’s security by detecting and exploiting vulnerabilities. With the number of data breaches on the exponential rise, it is more crucial than ever for developers to ensure the security of their websites and applications. There are a number of open-source security testing tools around to help in this endeavor.
- 5
The Register·4y
Meta approves 4 programming languages for employees and devs
Meta, the social ad biz better known as Facebook, has endorsed four programming languages as preferred options for employees and for developers building software on its platform. Among the favored four is Rust, the much-loved systems language that emerged from Mozilla and is now overseen by the Rust Foundation.
- 6
System Weakness·4y
Hacking for Beginners: From Novice to Ethical Hacker Overnight
Iotabl founder explains how to break into systems and devices. How to dual boot Kali Linux with MacOS X and run it on a removable disk. The NMAP Scripting Engine (NSE) is used to perform specific e.g. brute force, cross-site scripting etc.
- 7
Changelog·4y
Lissy93/awesome-privacy: 🦄 A curated list of privacy & security-focused software and services
A curated list of privacy & security-focused apps, software, and providers. Migrating to open-source applications with a strong emphasis on security will help stop corporations, governments, and hackers from logging, storing or selling your personal data. Remember that no software is perfect, and it is important to follow good security practices.
- 8
InfoSec Write-ups·4y
WiFi Hacking Week Pt. 4 — Evil Twin Attacks
In this blog post we will walk through exactly how an attacker could configure a rogue device as a malicious access point. A Raspberry Pi — or other single-board computer — is perfect for this scenario as they are cheap, easy to set up, and are small enough that they could be hidden from scrutiny by interested parties.
- 9
System Weakness·4y
Dockerize a MERN Stack app for Production with Security in Mind (Part I)
Securing a NodeJS application with Docker and Nginx. The first part of a two-part series that covers how to Dockerize an existing MERN stack application and how to make it ready for production. We are going to focus on availability, reliability, and security.
- 11
Hacker News·4y
TikTok is “unacceptable security risk” and should be removed from app stores, says FCC
FCC commissioner Brendan Carr called on Apple and Google to remove TikTok from their app stores. Carr cited several incidents as evidence that TikTok has been dodgy about its data collection practices. Michael Beckerman, VP, Head of Public Policy, Americas at TikTok, refuted a large chunk of the FCC’s claims.
- 12
Hacker News·4y
How a fake job offer took down the world’s most popular crypto game
A senior engineer at Axie Infinity was duped into applying for a job at a company that, in reality, did not exist. The engineer downloaded spyware to infiltrate Ronin’s systems. From there, hackers were able to attack and take over four out of nine validators on the Ronin network.
- 13
Okta Dev·4y
Defend Your SPA from Common Web Attacks
This is the second post in a series about web security for SPAs. We covered the OWASP Top Ten, using secure data communication with SSL/TLS, using security headers to help enhance built-in browser mechanisms, keeping dependencies updated, and safeguarding cookies. This post will use the concepts we introduced to banish some well-known web vulnerabilities.