When a security vulnerability is discovered in one of the PHP libraries you use, there are several options how you can learn about the bug before it's too late. I've written about PHP Security Advisories Database in one of my previous posts and how you can use it with Roave Security Advisories and a few other ways. However all of them require an extra package or a tool.
Some time ago, I've change my Google password. That change logged me out of my Google account on my iPad so Photos, Chrome, and other apps were asking again for my password to log me back in. The only problem was that all I could see, was a blank page instead of the Google login form, or just -- (NSURLErrorDomain: -999)
error.
At the end of August, a critical security bug was discovered and immediately fixed in one of the popular PHP frameworks, Nette. Although the author of the framework, David Grudl, did everything possible, some did not learn about the bug in time and did not update their sites and web apps. Let me tell you a few tips not only for PHP, that will help you to know about similar problems as soon as possible.
…at your event or conference, let me know!
Co zajímá Špačka na nových verzích PHP?
October 6, 2022, 51. sraz přátel PHP v Praze v CareCloudu (15 minutes)
Každej den je pátek, dejte mi od deployování svátek
June 3, 2022, PHP live 2022 (40 minutes)
Jak princezna finálně zatočila s (DOM) XSS
February 17, 2022, JSDays 2022 (60 minutes)
HTTPS není jen ten zámeček
November 25, 2021, Webinář Asociace pro elektronickou komerci (APEK) (240 minutes)
Nejčastější bezpečnostní chyby webů, jak je řešit, hlásit a jak na hlášení reagovat
November 18, 2021, Webinář Asociace pro elektronickou komerci (APEK) (240 minutes)
Michal Špaček: Před připojováním na veřejné Wi-Fi sítě už nevaruju
September 5, 2022, Lupa.cz
O temné straně UX designu
March 1, 2022, BlueGhost Update
Bezpečnost na internetu
February 2, 2021, Jak na sítě
Grading How Companies (In)Securely Store Passwords
August 1, 2019, All Things Auth Podcast
Engage in Continual Learning to Advance your IT Career
May 3, 2019, IT Career Energizer