DISABLE and DENY LOGIN, DENY USER & Effect on Impersonation and Permissions
Explores the security implications of disabling SQL Server logins and denying permissions, focusing on how impersonation remains possible.
Apple's modified OpenSSL in macOS overrides verification failures and breaks the standard verification callback, potentially creating security risks.
Securely using OBIEE command line tools by encrypting plain-text passwords with GPG and mkfifo to meet security policies.
Details an XSS vulnerability in the Drupal Advanced Poll module (6.x-3.x and prior), including patch and mitigation.
A guide to securing the Docker API by using SSL certificates and socat for encrypted, authenticated remote connections.
A guide outlining a responsible security vulnerability disclosure and patching process for open source software projects.
Explains the difference between OBIEE's 'Act As' and 'Impersonate' features for user account access.
A security-focused session at SQL Rally Amsterdam demonstrating privilege elevation and DoS attacks via SQL Injection on SQL Server.
Explains a security vulnerability in Express.js's bodyParser middleware and provides safer alternatives for handling file uploads.
Explains how to pass server-generated JSON data to the front-end when Content Security Policy (CSP) blocks inline scripts, comparing performance impacts.
Explores SQL Server privilege escalation from CONTROL SERVER to sysadmin, debunking myths and comparing to Oracle's security model.
Guide to securely connect SQL Server Management Studio to an Azure IaaS SQL Server instance by configuring endpoints and enabling encrypted connections.
A humorous proof-of-concept exploit using HTML5 localStorage to fill a user's hard disk, highlighting browser security flaws.
A user investigates why Google search results for 'stackoverflow' incorrectly linked to a US government website, revealing a web developer's redirect error.
A bug fix patch for Drupal Commons 3's Radioactivity module has been officially committed to the project.
A practical guide to configuring secure TLS ciphers for Apache, nginx, and HAProxy to achieve a top SSL Server Test score.
A tutorial on implementing two-factor authentication for SSH using Google Authenticator and PAM.
Explains how to securely upload files directly from a client to Windows Azure Blob Storage using Shared Access Signatures (SAS).
A guide to securing ASP.NET Web APIs using OAuth2 and Windows Azure Access Control Service for modern app authentication.
Upcoming improvements to Dabblet, including JavaScript support, cross-browser compatibility, security enhancements, and Prism integration.