There is a vulnerability allows remote code execution in Apache Tomcat APJ CNVD-2020-10487/CVE-2020-1938 (File read/inclusion vulnerability in the Apache Tomcat AJP connector ) Apache has released patches for all versions of Tomcat. Apache Version Affected Release Versions Fixed Version Apache Tomcat 9 9.0.30 and below 9.0.31 Apache Tomcat 8 8.5.50 and below …
Category: Security
Lets Encrypt Free SSL
WHAT Let’s Encrypt is a non-profit certificate authority run by Internet Security Research Group( ISRG -California public benefit organization), provides X.509 certificates for Transport Layer Security encryption without any charges. Let’s Encrypt founded in 2014 in part by the Electronic Frontier Foundation and is backed by Akamai, Google, Facebook, Mozilla and many more. Later with…
Basic apps and services to defense against data breaches
I) Passwords: Strong password is the first defense against any online account breach. Do not keep passwords include Family members names, anniversaries and birthdates as these can be easily be guessed by miscreants who might know the victims. If you have used the same password for multiple accounts over many years, chances are there that…