Skip to content

We talk to you about

Data Privacy & Security

We talk to you about

Data Privacy & Security

Our last posts

Our last posts

Shodan Postman Collection

The Christmas holidays are coming and to those of you who feel like doing something adventurous: there is now a new way to visit the dark caverns of the internet. We created an exciting combination of two existing services that make this trip possible: A Postman collection of all the currently available Shodan API calls. It's available for download on our github account: https://github.com/bitnesswise/shodan-postman-collection where you will find installation instructions as well.New to Shodan and/or ...

Mitigating CVE-2019-11358 in old versions of jQuery

A few months ago, a new vulnerability was found in jQuery, affecting all existing versions of jQuery. It was fixed only in the new version 3.4.0.The SNYK website has a lot of detailed information about this ‘Prototype Pollution’ vulnerability, so I won’t go into that here. For those interested, follow this link : https://snyk.io/vuln/SNYK-JS-JQUERY-174006 What I find interesting is the fact that no patch has been made available for older versions - the argument of ...

Implementing a CAA Record

It has been a while since tools like Qualys’ SSLLabs and testssl.sh are reporting on the usage of CAA records. So anyone caring about the quality and security of their SSL connection will probably have noticed its existence by now. But what is it for and how do you configure it? In short: using a (DNS) CAA record you can specify which Certificate Authorities are allowed to issue certificates for your domain names. Because a lot ...

Data Privacy

Security

Scroll To Top