Home Tags Hypertext Transfer Protocol (HTTP)

Tag: Hypertext Transfer Protocol (HTTP)

How to use correlation IDs in ASP.Net Web API

When working with microservices that communicate over the HTTP protocol, you will want to use correlation IDs to track individual requests.

Because requests might flow through many services that are spread across multiple systems, tracking them with correlation IDs will be your only hope of detecting and diagnosing errors that might creep into the middleware systems.

This article discusses what correlation IDs are, why they are useful, and how they can be used in ASP.Net Web API.What are correlation IDs? Letrsquo;s assume you have implemented a microservices architecture.
In an application comprised of microservices, different aspects of incoming requests will be handled by different microservices, all working asynchronously on their specific tasks and ultimately coming together to generate the response. Now, if something goes wrong, how would you determine by looking at the logs exactly where the request failed? Your logs might contain millions upon millions of log messages.
It would be a daunting task to find the relevant log entries among so many messages.To read this article in full or to leave a comment, please click here

MatchWare’s MindView 7 Mind Mapping Solution Features More than 25 Improvements...

MatchWarersquo;s new MindView 7 features a high-resolution Office 2016 interface, superior office integration, enhanced project management features, and more.

A complimentary trial version is available at http://www.matchware.com.

Tampa, FL (June 20, 2017) – MatchWare Inc. announced today that version 7 of its industry-leading mind mapping solution MindView is now available, and features more than 25 improvements, enhancements and upgrades that vividly illuminate ideas like never before.Trusted by businesses, educational institutions and government organizations worldwide, MindView... Source: RealWire

Ztorg: from rooting to SMS

Irsquo;ve been monitoring Google Play Store for new Ztorg Trojans since September 2016, and have so far found several dozen new malicious apps.

All of them were rooting malware that used exploits to gain root rights on the infected device.
In May 2017, a new Ztorg variant appeared on the Google Play Store – only this this time it wasnrsquo;t a rooting malware but a Trojan-SMS.

VU#489392: Acronis True Image fails to update itself securely

Acronis True Image fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code with administrator privileges.

Honeypots and the Internet of Things

According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.

ZCube announces the second edition of Open Accelerator: an international call...

Milan, 16th June, 2017 – ZCube, Research Venture of the pharmaceutical group Zambon, launches the second edition of Open Accelerator, a fast track acceleration program for life science start-up projects.Open Accelerator is a 12-steps program providing training to international researchers, scientists and aspiring entrepreneurs that, following a selection process, could receive seed investment of up to €100.000 per project.

Entries can be made following this link: http://www.openaccelerator.it/.

The call for ideas will be open until... Source: RealWire

VU#846320: Samsung Magician fails to update itself securely

Samsung Magician fails to securely check for and retrieve updates,which an allow an authenticated attacker to execute arbitrary code with administrator privileges.

Onfido recognised as Technology Pioneer by World Economic Forum

The World Economic Forum on Wednesday announced its selection of the worldrsquo;s 30 most promising Technology Pioneers 2017 Companies were selected for their potential to significantly impact business and society through new technologies, and advance the Fourth Industrial Revolution Onfido, which provides global Identity Verification using machine learning, was selected for its contribution to the field of RegTechThe full list of recognized Technology Pioneers can be viewed here http://wef.ch/techpioneers17 LONDON, June 14, 2017 – Onfido,... Source: RealWire

VU#768399: HPE SiteScope contains multiple vulnerabilities

HPE's SiteScope is vulnerable to several cryptographic issues,insufficiently protected credentials,and missing authentication.

VU#251927: CalAmp LMU-3030 devices may not authenticate SMS interface

OBD-II devices are used to provide telematics information for managers of fleets of vehicles. One type of device,manufactured by CalAmp,has an SMS(text message)interface. We have found multiple deployments where no password was configured for this interface by the integrator/reseller.

Companies using the CalAmp hardware should be aware that they need to set a password or disable SMS.
Vendors were notified and the SMS interface was disabled or password-protected by all vendors known to be affected.

Spectral Edge launches Ultra HD solution for color-blind viewers at M-Enabling...

Speaks alongside Comcast, Amazon and Yahoo at prestigious accessibility eventCambridge, UK and Washington DC, USA, June 8th, 2017 – Spectral Edge (http://spectraledge.co.uk/) today announced that it will unveil and demonstrate the new 4k Ultra HD version of its Eyeteq content accessibility technology at next weekrsquo;s M-Enabling Summit in Washington DC (June 12-14th 2017).

This enables Pay TV operators to better meet the needs of those that suffer with color-blindness, and consequently differentiate themselves from rivals.As... Source: RealWire

VU#350135: Various WiMAX routers contain a authentication bypass vulnerability in custom...

WiMAX routers from several vendors making use of a custom httpd plugin for libmtk are vulnerable to an authentication bypass allowing a remote,unauthenticated attacker to change the administrator password on the device.