Category Archives: Application Security

Adventures in C# – Secure Access To Your Middle Tier Code

Protect Your Code With System Accounts and Role Based Code Access Security In this article I wanted to provide a simple example of how you can meet some of the best practices for secure code implementation and also some best practices in implementing a scalable architecture. I tried to keep the prototype as simple as I could work… Read More »

Apache Struts “serialisation” vulnerability – what you need to know

Source: Sophos Naked Security by Paul Ducklin Update. The Struts 2.3 and 2.5 versions now both have official patches. We have updated our advice below accordingly. [2017-09-07T11:00Z] It seems only yesterday – in fact, it was six months ago – that we wrote about a nasty security hole in Apache Struts. Unfortunately, it’s time for déjà vu all over again, with a similar sort… Read More »

Self-hosted search option is a new approach to bursting the filter bubble

Source: Sophos Naked Security If you’re worried about Google’s attempts to track you more closely than ever before, there’s another approach you can take to online search engines: host your own. Google came under fire recently for its super-intrusive proposal to track our in-store purchases. Privacy groups are doing their best to fight it in the courts, but in the meantime its… Read More »

Facebook has got your number – even if it’s not your number

Source: Sophos Naked Security If you are a user of the social networking site you are going to want to read this article. Do you value your Facebook account? Have you linked your phone number to your Facebook account? You could lose access to it if you aren’t careful, according to James Martindale, who discovered a worrisome Facebook authentication… Read More »

CRM Installation Fails with System.IO.IOException

As everyone know all Microsoft OS systems come with the administrative shares turned on by default. If you are a domain admin you can access the drive of another computer in the network by doing \\<computer name>\C$. If you are an admin working on hardening the security of your network servers you might go to the registry and… Read More »