Aug 1, 2019

PR_CONNECT_RESET_ERROR connecting to Windows IIS web servers in Firefox only

I had a strange issue today at my day job that shall not be named. We have a test environment that our clients connect to that is running Windows IIS. Out of the blue, one of our clients said that in Firefox they couldn't connect to the test environment website, but all other browsers worked fine.

When you would connect to the site in Firefox, you would get the below error:


Secure Connection Failed

An error occurred during a connection to <website name> PR_CONNECT_RESET_ERROR



  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.

None of the other servers in our other environments had this issue.

Well, after checking TLS settings on servers that didn't have the issue and comparing them to the servers that did have the issue, I figured it out.

Using IIS Crypto, I found that these servers had SHA disabled. Once I checked the box to enable it, and rebooted the servers the issue went away.


Apparently Firefox doesn't support SHA 256 and above yet... Seems like they would though right?

Anyway, that fixed the issue for us. If you know of another way to fix this, let us know in the comment!

Jul 8, 2019

All About Facebook's Libra Cryptocurrency (Infographic)

Facebook's new cryptocurrency, Libra has been in the news a lot lately. Many people have questions about it. The infographic below tells you all about Libra!

Check it out:




[Via MrBTC]

Jun 24, 2019

How to Manage Your Cryptocurrency Portfolio Effectively – Tips and Strategies

A few years ago, many traders and investors in the cryptocurrency sphere didn’t have a portfolio. Instead, they invested all their money backing one currency, which was normally Bitcoin. Putting their financial weight behind one currency meant they were hoping that either their Bitcoin investments were going to continue growing (and for the most part it did) or they had bought up a rival Cryptocurrency in the hope it would put on a “Bitcoinesque” show. Those days the number of Bitcoin exchanges was noticeably smaller and their functionality wasn’t that wide.

Then in late 2017 and early 2018, the unthinkable happened. Overnight (if not faster) the bottom fell out of the market as a few investment groups who held a large portion of Bitcoin all cashed in at once. The currency went into freefall and the dreams of becoming incredibly wealthy by owning Bitcoin were dashed against the rocks.

Today there are still some who clung on to their Bitcoin and weathered the storm, still waiting for the currency to get to the value they purchased it at. With the latest positive trends in Bitcoin's price, this could come to fruition in the not too distant future. The Bitcoin's crash left a sour taste in many people’s mouths, some sold and made huge losses, some held on, but it was a sign for each investor that they needed to be more attentive to their funds.

Diversifying Instantly Adds a Layer of Protection

In the wake of this fallout, 2018 ushered in a period of stagnation across much of the market, but against a bleak backdrop, some currencies began to shine out. Currencies like Ripple and Ether were beginning to grow and investors began moving money away from Bitcoin and Bitcoin-based currencies (Bitcoin Cash, Litecoin) towards more promising prospects.

Another trend emerged, investors were beginning to buy multiple currencies across different exchanges and they were beginning to hedge risks. Instead of lumping all of their money in Ripple, they spread their investment pot over a range of Cryptocurrencies, meaning that if Ripple failed, another currency might perform well enough to offset that loss.

The emergence of Portfolio Management Tools and Apps

If you’re an investor or trader in 2019 or you’re looking for getting into Cryptocurrency trading then there are a few tips that you should abide by. The first tip is to check out some of the portfolio management tools and apps available (even before you have invested in any stock) and familiarise yourself with the interfaces, features, and functionality.

Using a portfolio management app will have plenty of long-term benefits but it will also help you get up and running if you haven’t traded before. Using a new portfolio and broker tool, CEX.IO Broker we will show you why.

CEX.IO Broker

There are other portfolio management tools available so make sure you try some others before selecting your app of choice. CEX.IO Broker gives you great functionality regardless of your experience level so that makes it great for the cryptocurrency portfolio management.

Integration with CEX.IO Exchange

With any portfolio management tool, you will need to make sure it behaves in the way you expect it to and this means on the most basic level it needs to communicate with the exchange that you’re trading on. There are a couple of fantastic portfolio management apps that use a multi-exchange platform to give you functionality across many different exchanges.

This is useful if you are a seasoned trader with multiple exchange accounts and have the patience to buy Crypto across a number of exchanges. This is specifically a strategy for those in the know about Cryptocurrency as using multiple exchanges can come with pitfalls especially if you select the wrong exchange or happen to use the one that is susceptible to hacking.

CEX.IO exchange is a world-leading exchange that has never been hacked and continues to provide competitive fees and lots of trading options. This makes it a favorite for seasoned pros and ideal for those looking to get their feet wet in a safe environment. Building on this strong framework, the CEX.IO Broker offers you additional trading functionality to mitigate risk.

Comprehensive Analytics

Another crucial thing that any self-respecting portfolio management platform will have is sophisticated features to analyze your trading experience. CEX.IO Broker collects historical data of your strategical moves, which allows you to take some lessons based on your own experience and benefit from it.

Other portfolio management apps have a wide range of analytics and data, some of them don’t provide much information beyond what is already available. But others like Blockfolio are revered within the community and provide critical insights into your Crypto investments. Blockfolio plugs into multiple exchanges but has no sync feature with these exchanges, relying instead on user input to help it manage and stay up to date with your buys and sells.

CEX.IO Broker provides the same Blockfolio sleek design and functionality as well as synchronizing with the CEX.IO exchange. It is worth trying Blockfolio out as it is free to use. It will also give you a very hands-on experience of what a good portfolio management app looks like, especially if you haven’t yet signed up to CEX.IO which you should do at the same time to feel out which fits your style best.

Security and Mitigating Risk

Last but not least, a crucial tip for managing your portfolio is to ensure that you're protecting your investment at all times and wherever possible you’re mitigating risk. Many portfolio platforms will offer comparison tools and notify you if things in the market change. Most do this in real-time although there are some that don’t have real-time functionality.

CEX.IO is very security conscious and even though thus far they haven’t been hacked they always advise that you keep your investment in private wallets and not on the exchange. The CEX.IO Broker also provides a comprehensive hedging strategy that will help you mitigate risk and offset any detrimental price changes.

In short, whether you’re a seasoned trader or not, if you have a portfolio you should have a portfolio management tool which at the very least alerts you to market changes in real time. If you find one of the better tools, these can actually not only keep you informed and ahead of the play, they can also help you protect your investment and expand your portfolio.

Jun 10, 2019

7 Reasons Why Mobile App Security Testing Is Crucial For Enterprises

To stay away from and diminish security breaks, we need to uncover shield vulnerabilities in all parts of our condition. We need to check the fringe (firewalls, switches, balancers, etc.) through framework organizations, mastermind division to web organizations, flexible and static mobile apps

We need to find shield openings of the web application before aggressors by making security testing a bit of the structure and improvement of the mobile application. We can in like manner discover vulnerabilities through versatile application security testing.

Why we need mobile application security testing?

1. Stay away from future attacks by estimating the acts of aggressors and imagining their moves

You haven't the faintest idea and can't ensure whether software engineers will or won't hack into your convenient web application, ambush your backend structures, and take your data. In any case, you can imagine possible future circumstances and reasonably related perils. You can make sense of the acts of software engineers to uncover absconds in the code and fix them before developers abuse them.

A penetration test is a kind of shield testing proposed thus. In a penetration test, analyzers use refined instruments and moved to learn of IT to figure the direction of an aggressor who enters the client's condition to get information or possibly get to higher assents without genuine endorsement.

2. Running live with the new flexible application without excess pressure

Preceding the association of another adaptable application to an IT circumstance, the compact application encounters required particular and customer affirmation testing's to ensure its course of action with the specific and business necessities. These affirmation testing's certification that this compact application satisfies the end-customers and can be maintained by IT gatherings.

Over social event specific and customer essentials, these flexible apps need to meet operational necessities, keeping the age condition as-is and not exhibiting security threats.

Experienced programming authorities and execution testing experts recommend us to grasp the philosophy from the thoroughly considered Design, Build, Go-live, to routine RUN and Support works out.

3. Change the building, for instance, orchestrate, fragments of the versatile application if significant

Through convenient security testing, you may discover security vulnerabilities that may later incite genuine security breaks after the flexible applications goes live.

Thinking about deformities in the source code, strike vectors, bottlenecks, and security openings before uncovering the flexible application, you can change the designing, the arrangement and the code of the application. Fixing issues at this stage are more affordable than keeping an eye on them later on when you find that the building of the application is defective or when a break happens. The cost at these stages will cover specific issues just as legal, PR, and anything are possible from that point.

4. Untouchable merchants are new to huge business IT condition and express endeavor safety efforts and compliances

Essentially every compact application uses some web benefits that continue running on the backend. Adaptable application security testing isn't simply attempting the source code yet likewise the direct of the application at the endpoint: how it works with limit, supports, singular data, how to verify the correspondence between the convenient application, its backend systems, and the web organization.

Exactly when software engineers need to spill data, they don't need to hack the compact application in light of the way that hacking web organizations are adequate.

Thusly, it is essentially progressively basic to perform adaptable application security testing if it is made by a pariah convenient application headway association. An external programming vender does not know or can't know all security techniques and standards. Adaptable application creators from a pariah, lacking foundation with enormous business IT structure, are not prepared to fittingly execute application security essentials to fulfill attempt necessities.

False security is considerably more horrendous than an unsteady application. If we expect and acknowledge an irregular condition of security, protection, and reliability, anyway when in doubt the security level is low, we may send fragile data genuinely to attackers. If we understand that the security isn't set, we don't send this data through this inconsistent channel.

5. Know the capacities and experience of the application progression association that fabricates your convenient applications

Security and application improvement are two unmistakable locales, and you don't anticipate that flexible application architects should be security experts. Fashioners' fundamental scope of capacities is in the frontend coding and User Experience (UX). They are set up to guarantee the application contains the required features and business functionalities. Originators are based on the User Interface (UI) to make their application easy to collaborate and fantastic to look at, less on the security side.

Nevertheless, you have to ensure that the end-movement of the versatile application has wellbeing endeavors arranged into it. In case the dealer doesn't have the security scope of capacities in-house, they should unite as one with associations that have security as one of their inside abilities.

Application security is a tidiness thing that each flexible application progression workplaces need and grasp in their applications. Unfortunately, relatively few do this since application security isn't poor. If the business doesn't show security as a need, security won't be completed or executed a tad.

By testing the security of the adaptable application, you can get to the capacities of the vendor.

(Examine this article to get some answers concerning the best 5 flexible application security issues you need to consider while making compact applications.)

6. Test the responsiveness of your undertaking IT gathering

By getting adaptable application security testing as a segment of a convenient application headway process and a compact assignment, you can test the responsiveness of your undertaking security gathering. We can check the period of the response, idea of the response, and the reaction accuracy.

If the security bunch doesn't properly react, by then, there is something erroneously in the process which ought to be tended to. On the other hand, if the assistance is re-appropriated, we can test the idea of this organization.

7. Fulfill outrageous industry security rules and agree to rules

Security Testing is essential for significantly secure ICT conditions. It is basic for the ISO 27001 affirmation, HIPAA, FIPS 140-2, OWASP logic, and for some circumstance directed by cybersecurity law.

Security testing has been an essential bit of an item application headway cycle, and there is no reason security should not be a required bit of a convenient application improvement cycle.

Jun 3, 2019

Two More Alternatives To Twitter and Facebook For Conservatives

Back in April we wrote about an alternative to Twitter and Facebook for people who value free speech and don't want to worry about getting banned for their political beliefs. In that article we named Gab.com as that alternative.

Well, having spent some time there over the last month or so, we realized two things about Gab:

  1. It is legit full of racists. I'm talking real racists too, not the bullcrap label that Democrats put on all conservatives in general. I'm talking the real deal here.
  2. The community there is very small, so those racists stand out quite a bit more than they would otherwise.
Needless to say, it wasn't the alternative we were looking for really.

Since then we discovered two more alternatives. One of them seems really promising!

Telegram

The first one is called Telegram

From their page:



I heard about them from the folks over at Infowars after they got completely de-platformed by Instagram and Facebook. If you didn't hear about that, our political site Mainwashed did a video about it below:



Paul Joseph Watson, a regular on Infowars, claimed he received 3000 followers overnight on Telegram.


Other than the guys at Infowars, I really haven't heard much more about it though. If you've used it, please let us know what you think in the comments!

Parler

The other alternative to Facebook and Twitter for conservatives we heard about is called Parler! The CEO of Parler was recently featured on the Laura Ingraham show:



In fact, The Hill also reported about it saying that President Trump's campaign team was checking it out as a viable alternative to Twitter.

From the piece:
President Trump's 2020 campaign manager is reportedly scouting a social media site aimed at a conservative audience for a potential new platform for the Trump campaign. 
Politico reported Tuesday that Trump campaign manager Brad Parscale is considering creating an account for Trump on the social media platform Parler, which has attracted right-wing activists banned from other social media platforms such as Facebook and Twitter.
The very next day after these two reports we noticed a mass exodus from Twitter to Parler. A huge group of people we follow with our Mainwashed account have made the move to Parler.

We did setup an account over there for Mainwashed, and even became verified! In fact, after our first day we had over 1,000 followers!


It looks like you can gain lots of followers the old fashioned way (that you used to be able to do on Twitter) by mass following like-minded users, and having them follow you back. So far there doesn't appear to be a limit to that. Not sure if that's a good or bad thing, I'll leave that up to you to judge.

Never the less, the community at Parler is booming and vibrant. It is very active and to us it looks very promising!

I even put out a poll on my person Twitter account seeing which one of these Twitter and Facebook alternatives was the best one:



As you can see, after over 1300 votes, Parler was the clear winner at 71%!

What do you think about these platforms? Have you tried any of them? Let us know what you think in the comments!

May 27, 2019

Anatomy of an IoT Attack



Connected devices are increasingly being used for cyber attacks. They often lack critical device protections and organizations fail to segment their networks in order to reduce the attack surface.


May 24, 2019

Ransomware - Anatomy of an Attack



See how an effective ransomware attack comes together. This is why today's enterprises require effective security. Via Cisco.




Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam