Hackers gainaccess to US power grid

In a time of hacker attacks on critical infrastructure, even a run-of-the-mill malware infection on an electric utility’s network is enough to raise alarm bells. But the latest collection of power grid penetrations went far deeper: Security firm Symantec is warning that a series of recent hacker attacks not only compromised energy companies in the US and Europe but also resulted in the intruders gaining hands-on access to power grid operations—enough control that they could have induced blackouts on American soil at will. Continue reading “Hackers gainaccess to US power grid”

Storing Sessions in a database

Most common applications and “home-brew” sites use sessions for storing temporary data as well as authentication. However,
sometimes a developer may want the session to span over multiple domains and or servers, and some may just be very security
conscience. It is common knowledge that session data is stored in a text file on the webserver, however if you are using
a shared server (as most cannot afford dedicated hosting or VPS) then any user on that server may see your session files.
To prevent this, and allow your user’s sessions to span over multiple domains the answer is easy: store the session data in a
MySQL database! Most of you may not be sure how to do this, or may have even been unaway that this is possible, however it is
very easy. When storing sessions in a database PHP makes the work easy for us with the use of a function called
session_set_save_handler(), this function can control the way that sessions are stored, retrieved, destroyed, etc. Continue reading “Storing Sessions in a database”

Secure Hashing

Many developers believe in the practice of securing passwords and other financial data using a hash function (a function of turning some kind of data into a small number that may serve as a digital “fingerprint”). However just hashing a password isn’t enough it may still be bruteforced and as usernames and passwords are determined by the users not all will meet minimum secure levels so it is up to the developer to pick up where they leave off. Continue reading “Secure Hashing”