2021
2020
2019
Guide to Web Authentication
A better alternative for securing our sensitive information online
2018
GhostProject
The total amount of credentials (usernames/clear text password pairs) is 1,400,553,869.
Validating Leaked Passwords with k-Anonymity
Today, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security.
GitHub - maxchehab/CSS-Keylogging: Chrome extension and Express server that exploits keylogging abilities of CSS.
Chrome extension and Express server that exploits keylogging abilities of CSS.
2017
ZeroDisclo.com by YesWeHack ! The Right Path to Responsible Disclosure
In constant contact with its community of security researchers, YesWeHack can testify that it is complex for a security researcher, and therefore for a whistleblower, to report security flaws in a responsible way to impacted organisations, especially if those organisations do not have a Bug Bounty program registered on BountyFactory.io.
2016
Bounty Factory | European Bug Bounty platform
First European bug bounty platform that relies on European Economic Area rules, principles and legislation.
2015
New Chrome security policy: powerful features will be removed on insecure origins
Google recently announced a security policy change that will impact future versions of the Chrome browser. Chrome is already warning that support for powerful features on insecure origins (HTTP) is deprecated, and according to recent announcements the removal will take place soon.
The impact of Google’s new Chrome security policy on WebRTC | TokBox Blog
After we published this post Google announced that they are pushing back the release date of the HTTPS security change. They’re estimating that it will now be released to production in December 2015.
Deprecating Powerful Features on Insecure Origins - The Chromium Projects
As with gradually marking HTTP as non-secure, we expect to gradually migrate these features to secure-only, based on thresholds of usage, starting with lowest usage and moving towards higher. We also expect to gradually indicate in the UX that the features are deprecated for non-secure origins.
Developers are exposing their Git directories to the world
Jamie Brown, a developer, wrote on his blog that 1 in every 600 websites has its .git folder exposed to the world. It's a rookie mistake to make when you deploy a site.
WordPress › Disable XML-RPC Pingback « WordPress Plugins
Stops abuse of your site's XML-RPC by simply removing some methods used by attackers, while you can still use the rest of the XML-RPC methods.
2014
OWASP
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
WordPress › Stop User Enumeration « WordPress Plugins
User Enumeration is a method hackers and scanners use to get your username. This plugin stops it.
mattheu/Private-Media · GitHub
Make files in the WordPress media library private. These are only accessible to logged in users.