OWASP Mobile Top 10 Part 2: Insecure Data Storage

OWASP Mobile Top 10 Part 2: Insecure Data Storage

Comments 0 Comment

Insecure data storage is the second vulnerability in the OWASP Mobile Top 10 list. Insecure data storage comes straight after improper platform usage – such an attack might occur after a malicious party has stolen a mobile device, gained control of a lost mobile device or simply managed to execute some kind of malware on the mobile device of a victim. What is Insecure Data Storage? Put simply, insecure data storage refers to, well, insecure storage of data that is…

Read More Read More

OWASP Mobile Top 10 Part 1: Improper Platform Usage

OWASP Mobile Top 10 Part 1: Improper Platform Usage

Comments 0 Comment

The improper platform usage vulnerability is the first vulnerability in the OWASP Mobile Top 10. This blog will provide some insight into what it is and how it’s actually exploited in the wild while also telling you how to protect your own mobile applications. What is Improper Platform Usage? The improper platform usage vulnerability refers to a vulnerability that is derived from the improper usage of platforms in use by an application. In other words, this category covers the misuse…

Read More Read More

What is the OWASP Mobile Top 10?

What is the OWASP Mobile Top 10?

Comments 2 comments

If you ever heard of web application security, you probably heard of OWASP. And if you heard of OWASP, you probably heard about the OWASP Top 10. The Open Web Application Security Project, or OWASP for short, is an international non-profit organization dedicated to web-application security. OWASP is widely known for publishing materials covering their projects – one of their projects is OWASP Top 10 which is a regularly-updated report outlining security concerns for web application security. The OWASP Top…

Read More Read More

The Basics of MySQL Security

The Basics of MySQL Security

Comments 0 Comment

If you have ever built a website, chances are you took care of security. Securing web applications does have its own caveats though – did you take care of the security of the database? In this post we will look at the options that can make MySQL perform at the very best of its ability security-wise. Keep in mind that this is not a very comprehensive guide (certain topics such as backup security etc. will not be touched) and some…

Read More Read More

Build Stuff 2019 Retrospective

Build Stuff 2019 Retrospective

Comments 1 comment

It’s November. For some developers it’s just an ordinary month – for some of them it means maintenance of projects, for some – building something cool on their own. Some of them visit Build Stuff. A lot of them, actually – this year Build Stuff has had around 1,400 attendees. Build Stuff 2019 Build Stuff is an annual conference for developers being organized in Lithuania. Conference theme for this year – Programming Jungle. As usual, the conference started off with…

Read More Read More

Cleaning a mechanical keyboard: Corsair Vengeance K70

Cleaning a mechanical keyboard: Corsair Vengeance K70

Comments 0 Comment

You noticed your keyboard has dirt, some keys are stuck, some keys are not registering properly …or maybe you just spilled some coffee on your keyboard. What do you do now? The answer is plain and simple: clean it. Here’s how to clean a Corsair Vengeance K70. The Corsair Vengeance K70 comes with Cherry MX Red key switches, ten contoured buttons for gaming, anti-ghosting, adjustable back-lighting, multimedia controls and even a detachable wrist rest. For those of you not familliar…

Read More Read More

WordPress Malware: WP-VCD

WordPress Malware: WP-VCD

Comments 0 Comment

Using nulled WordPress themes and plugins is bad. Why? Because sometimes (well, most of the time) nulled plugins or themes contain malicious code that looks something like this: That’s wp-vcd.php. When a WordPress website is infected with this piece of malware, the infected file resides in the “wp-includes” directory and every time a page on a WordPress website is accessed overwrites the functions.php file with malicious code that looks like this: Removing the code doesn’t do any good – as…

Read More Read More

Filtering user input in web applications: the basics

Filtering user input in web applications: the basics

Comments 0 Comment

SQL Injection. Cross-Site Scripting. These are just two of web application security flaws that can be prevented by effectively filtering user input. Web developers can filter user-supplied input in two ways – either by utilizing white-list or black-list input validation. Each method of input sanitization has their own pros and cons, so I will go through each of them individually. Black-list input sanitization Black-list input validation is one of the most common ways user-supplied input can be validated. The way…

Read More Read More

Build Stuff 2018 Retrospective

Build Stuff 2018 Retrospective

Comments 0 Comment

I do not usually write retrospectives on conferences I have attended, but this was something else altogether. What was it? This conference was a big one. And by saying big one, I mean it: In three days, we saw 1,300 attendees, 76 speakers, 6 keynotes and 80 sessions ranging from artificial intelligence to burnout in IT – Build Stuff is the largest software development event in the Baltics! The conference started off on Wednesday with a welcome talk followed by…

Read More Read More

Here’s how I prepare for conferences

Here’s how I prepare for conferences

Comments 0 Comment

Public speaking can be enormously empowering and fulfilling. I have spoken at quite a few international conferences – I always reflect on what I’ve done right and what’s been done wrong after the conference, but not once have I covered how exactly do I prepare for them. I do not overload the slides with content Overloading slides with content is one of the top no-nos when doing any form of presentation. The audience either listens to the speaker or reads…

Read More Read More