What stealthy attacks are hiding in API data — and why do most WAFs miss them?!

Is JSON really more secure than other data encoding formats? JSON is a serialization format that allows (1) users to send objects as strings and (2) applications to recover objects from those strings. So, the short answer is that the JSON format is as dangerous as other serialization formats.

Six Xmas Gifts for the Pentester in your Life

Some of my best friends are ethical hackers. With the holidays approaching, these special people in my life will need special presents. Whether they are bounty hunting, pentesting as a part of a consulting project, doing security research to advance the field or working on a Red Team, they will want tools and information to...

Cache poisoning and other dirty tricks

By @bo0om, Wallarm Research

Caching is a great technology practice. It makes life better for everybody — clients get the data faster, servers expend fewer resources and so on. There is even a whole CDN industry that was built to deliver caching as a service. There are many examples of caching configuration and tuning, but what I...

Drupalgeddon Two.

New Drupal Vulnerability in Detail

By @aLLy

The second Drupalgeddon has come! It is a new variant of a critical vulnerability in one of the most popular CMSs, which caused a big stir. This newly discovered breach allows any unregistered user to execute commands in the target system by means of a single request. The problem is further...

The Good, The Bad and The Ugly of Safari in Client-Side Attacks

By bo0om, Wallarm Research

I’ve previously published an article about using Safari to compromise a computer file system. Unfortunately, there are more issues with Safari as we are now finding out. In this post, we will take a look at the possibility of an XSS exploit and a cookie compromise stemming from “unusual” Safari behavior....

Horror Stories and Scarecrows of 2017

It is that time of year again when we collectively conjure up ghosts, witches, monsters and other frightening characters for Halloween chills. As children, these scary fiends may have terrified us, but not so much anymore. Yet as adults, we certainly have genuine horror stories that keep us awake at night still, especially if you...