Do we allow our applications too much?
Many people have photos of their passport, driver's license, and child's birth certificate on their phone. But not everyone realizes how easy it is to access them. One…
Security
Discover the latest news, reviews, and best practices in information security. Stay updated on cybersecurity threats, protection strategies, and innovations in safeguarding data
Arbitrary File Write
The world of vulnerabilities is quite diverse. Usually, hackers try to achieve their goals using arbitrary code execution vulnerabilities, the very abbreviation RCE.…
Security for Non-Security Experts
Anastasia Vazhinskaya is an information security engineer, not a front-end developer, but her presentation became the most important for the main hall of the FrontendConf…
Top dangerous vulnerabilities of August: Microsoft Windows and WordPress sites are at risk
tekkix, hello! I am Alexander Leonov, leading expert of the PT Expert Security Center laboratory. Every month, my team of analysts at Positive Technologies researches…
Kubernetes Secrets Management with Sealed Secrets and Helm: GitOps way
In this article, we will look at how to organize simple secrets management for applications in Kubernetes using the GitOps approach. We store secrets in git securely…
Password Security Practices
This article is a translation of the Password Security Guidance from the National Cyber Security Centre of Canada. There is a lot of information about passwords available…
How to check for phone surveillance. Myths and reality
In this article, we have collected the main "symptoms" of mobile surveillance that we found on the Internet. Each of them is commented on by a specialist in the field…
Another case on the hunt... Or why Appdome is sometimes such a Dome
In the article, I will tell a case from the practice of analyzing the protection of Android applications. Names and places of events have been changed. Any coincidences…
