18Ara
AI-generated malvertising “white pages” are fooling detection engines
With AI, it’s not only the sky that’s the limit, it’s the entire universe.
17Ara
5 million payment card details stolen in painful reminder to monitor Christmas spending
An online repository of screenshots where victims filled out their payment card details online was publicly accessible.
16Ara
Task scams surge by 400%, but what are they?
Task scams are a new type of scams where victims are slowly tricked into paying to get paid for repetitive simple tasks
13Ara
In the Oauth2 client credentials grant, why do we use tokens instead of authorizing directly at each api call?
Since we are dealing with server to server communication, couldn’t we just send the credentials at each api call?
13Ara
Which characters are legal in OpenID Connect subject identifiers?
Are any of the "control characters" legal? That is, those in the range 0x00 to 0x1F, legal? For instance, carriage return, line feed, tab, or zero? What about 0x7F?
The OIDC spec just says "The sub value is a case-sensitive …
12Ara
How to make modsecurity log to audit_log only when the request is returning with 403 status code
I don’t want logs to appear if the inboud_anomaly_score hasn’t exceeded the threshold, how do I do this in modsecurity.
11Ara
Decrypting hacked wordpress files
My friend asked me why his website seems weird on Google and why meta title seems to be “トリプルフローアイロン”.
After checking request logs on his hosting panel and checking files on FTP, it’s clear that the website was hacked by someone who wants …
2Ara
NTFS FILE Record Reuse
Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor of the Malware Binary Triage (IMBT) course starting this Black Friday and Cyber Monday!
Enroll Now…
2Ara
The Curious Case of an Egg-Cellent Resume
Key Takeaways Private Threat Briefs: Over 20 private DFIR reports annually. Threat Feed: Focuses on tracking Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, etc. All Intel: Includes everything from … Read More
23Kas
Palo Alto Networks Management Interface Attack
Palo Alto Networks has recently disclosed two zero-day vulnerabilities, CVE-2024-0012 and CVE-2024-9474, affecting the PAN-OS firewall and other products. Both flaws, which are actively being exploited in the wild, affect the Management Web Interface. …
