Best of Security: March 2023

  1. Article
    Semaphore·3y

    Microservices Best Practices

    Microservices architecture involves designing and developing loosely-coupled services. Best practices include adopting the Single Responsibility Principle, building teams with clear responsibilities, using the right tools and frameworks, keeping asynchronous communication between microservices, adopting the DevSecOps model, using separate data stores for each microservice, deploying each microservice separately, orchestrating microservices using platforms like Kubernetes, and using an effective monitoring system.

  2. Article
    The Verge·3y

    How hackers took over Linus Tech Tips

    The YouTube channel Linus Tech Tips and two other YouTube channels have been restored after a major hack allowed a bad actor to livestream crypto scam videos, change channel names, and even delete videos. In a new video, owner Linus Sebastian explains that the breach bypassed protections such as passwords and two-factor authentication.

  3. Article
    AWS Tip·3y

    Building Scalable and Secure Web Applications with Three-Tier Architecture on AWS

    Three-tier architecture on AWS is a popular solution that divides an application into three layers: presentation, application, and database. The article discusses the benefits of using three-tier architecture on AWS and provides a step-by-step guide to implementing it.

  4. Article
    Product Hunt·3y

    APIRank.dev - Product Information, Latest Updates, and Reviews 2024

    APIRank.dev is the biggest public APIs database available. It ranks APIs based on their design, performance, quality, and security. Users can quickly look at an API before using it and compare their APIs with others.

  5. Article
    System Weakness·3y

    Secure database connection in Nodejs application

    Learn about best practices for securing database connections in Node.js applications, including the use of environment variables, encrypted connections, and connection pooling.

  6. Article
    Product Hunt·3y

    Bearer CLI - Product Information, Latest Updates, and Reviews 2024

    Bearer CLI is a free, open-source command-line tool that helps developers secure their code by analyzing it for common security risks and vulnerabilities. It provides direct output in a terminal for quick fixes. Bearer Cloud is a new platform that syncs with Bearer CLI's output to help teams manage application code security at scale.

  7. Article
    LogRocket·3y

    Using Helmet in Node.js to secure your application

    Helmet.js is middleware that improves security in Node.js applications by setting security-related HTTP response headers. It protects against common security threats like XSS attacks and click-jacking. Integrating Helmet into a Node.js Express app is simple and only requires a few lines of code.

  8. Article
    Community Picks·3y

    5 Common Server Vulnerabilities with Node.js

    Learn about 5 common server vulnerabilities with Node.js and how to mitigate them. Topics include injection vulnerabilities, cross-site scripting (XSS), denial-of-service (DoS), improper authentication and authorization, and insecure direct object references.

  9. Article
    Hacker News·3y

    Web fingerprinting is worse than I thought

    Web fingerprinting is a method of tracking users across different browsing sessions and websites using unique device and browser specifications. It is becoming a popular method of user tracking and can undermine online privacy. Firefox with resistFingerprinting=true or Tor Browser are recommended for protecting against fingerprinting.

  10. Article
    Medium·3y

    Designing a Fault-Tolerant Web Application: Building a Highly Available 3-Tier Architecture

    A 3-tier architecture is a type of software architecture that is commonly used to develop web-based applications. The architecture consists of three layers or tiers, each responsible for different functions. The three tiers are interconnected and communicate with each other through well-defined interfaces.

  11. Article
    Dev Genius·3y

    My Client Website Got Hacked: Lessons Learned and Steps to Strengthen Website Security

    Lessons learned from a client website getting hacked and steps to strengthen website security.

  12. Article
    Ubuntu·3y

    Setup your own VPN server

    Learn how to set up your own VPN server for enhanced security, privacy, and access to restricted content.

  13. Article
    Community Picks·3y

    Why you should sign your commits with gpg.

    This post discusses the importance of signing commits with GPG and how it helps to verify the authenticity of commits on platforms like GitHub.

  14. Article
    Sweetcode·3y

    Securing Docker Containers

    Docker is containerization software used to create, deploy, and manage containers. These containers are capable of running on any operating system, making them easy to use and more reliable. Docker runs as a client-server application made up of Docker clients, hosts, and registries.

  15. Article
    Community Picks·3y

    “use strict” in Javascript

    Enforce strict mode for safer and more reliable JavaScript code. The 'use strict' directive enables strict mode and introduces rules for variable declarations, assignment to undeclared variables, deleting variables and functions, and 'this' keyword behavior. It improves code quality, increases security, enhances performance, and ensures compatibility.

  16. Article
    The Art of Simplicity·3y

    The lost art of writing SQL queries

    Most (junior) developers are no longer able to write anything but the most trivial queries. If you want to sharpen your SQL skills, have a look at https://www.sql-practice.com/. Here you get a whole list of exercises that require writing SQL queries. If you get stuck, hints are available to help you get on the right track.

  17. Article
    Apiumhub·3y

    Software Development Frameworks: A Guide to 2023

    The software development process takes an enormous amount of time and effort, which varies with its complexity, size, and other factors. Frameworks provide a structure for developing software and ensure that code is written consistently and logically.

  18. Article
    InfoSec Write-ups·3y

    JWT [JSON WEB TOKENS] [EXPLANATION & EXPLOITATION] (0x01)

    Learn about JWTs, their structure, and how they can be exploited. Explore flawed signature verification and brute forcing the secret key.

  19. Article
    Community Picks·3y

    SecurityZines

    Simplified concepts of Infosec by Rohit and Anshu.

  20. Article
    Codemotion·3y

    5 Tips for Boosting API Security

    This article, with insights from 42Crunch co-founder and CTO Isabelle Mauny, explains today’s API security woes to developers and how to tackle them during development. Common API cybersecurity issues are an increasingly serious problem, as evidenced by a recent report from apisecurity.io.

  21. Article
    System Weakness·3y

    Instagram OSINT & Hacking — Phishing at its best.

    Learn about Instagram OSINT and hacking techniques, including reconnaissance, using tools like Slash and Zphisher for phishing.

  22. Article
    Amplication·3y

    Guarding Your Routes in NestJS

    NestJS Guards are classes with a single goal: to determine whether the route handler should handle a request. They can be used to prevent unauthorized access to endpoints in your application by checking if a user has the necessary permissions to access a specific resource. The Guards we write can protect either individual route handlers or a group of route handlers.

  23. Article
    System Weakness·3y

    Try Hack Me: MD2PDF

    This post discusses how to exploit a machine on Try Hack Me that is vulnerable to Cross Site Scripting (XSS) by using a Markdown 2 PDF converter to read a file on the local server.

  24. Article
    TechCrunch·3y

    GitHub takes down repository containing Twitter’s source code

    Twitter filed a petition in the District Court of Northern California asking GitHub to take down the code and also help it find the perpetrator. The code-hosting site didn’t say if any users were able to access the repository before the company took it down.

  25. Article
    Red Hat Developer·3y

    10 tips for writing secure, maintainable Dockerfiles

    This post provides tips and best practices for writing secure and maintainable Dockerfiles, including using the current release base upstream image, choosing base images without the full OS, and organizing Docker commands effectively.