A major area where security is often lax is the web.config file. Usually stored in plain text, an intruder who gains access to this file can then easily access databases and other resources both internal and external.
Read full news article on InfoQ
Article: Securing web.config with Encryption Certificates on Windows and Azure
Date:
Categorie(s):
Tag(s):
- Russian APT28 Group in New “GooseEgg” Hacking Campaign
- The multitenant dilemma: Gaining more control over user access without compromising data isolation
- Hacker Offers Upto $300 To Mobile Networks Staff For Illegal SIM Swaps
- Critical Apache HugeGraph Flaw Let Attackers Execute Remote Code
- Over a million Neighbourhood Watch members exposed through web app bug