Tag: Hacking

Some of my best friends are ethical hackers. With the holidays approaching, these special people in my life will need special presents. Whether they are bounty hunting, pentesting as a part of a consulting project, doing security research to advance the field or working on a Red Team, they will want tools and information to make their life easier in the new year. Pick one of the Xmas gifts from the list below, and you…

by @bo0om, Wallarm Research
Caching is a great technology practice. It makes life better for everybody — clients get the data faster, servers expend fewer resources and so on. There is even a whole CDN industry that was built to deliver caching as a service. There are many examples of caching configuration and tuning, but what I would like to talk about today are possible vulnerabilities in the caching techniques and methodology. Some environments are configured in…

New Drupal Vulnerability in Detail
By @aLLy
The second Drupalgeddon has come! It is a new variant of a critical vulnerability in one of the most popular CMSs, which caused a big stir. This newly discovered breach allows any unregistered user to execute commands in the target system by means of a single request. The problem is further aggravated by the fact that it puts all the most current versions of the application (7.x and 8.x branches, up…

by bo0om, Wallarm Research
I’ve previously published an article about using Safari to compromise a computer file system. Unfortunately, there are more issues with Safari, as we are now finding out. In this post, we will take a look at the possibility of an XSS exploit and a cookie compromise stemming from “unusual” Safari behavior.
Normal browsers and their DNS requests
What does a browser do to open a web page? First, it sends a…

It is that time of year again when we collectively conjure up ghosts, witches, monsters and other frightening characters for Halloween chills. As children, these scary fiends may have terrified us, but not so much anymore. Yet as adults, we certainly have genuine horror stories that keep us awake at night still, especially if you are an IT manager. To quote the famous line in the 1983 film version of the Twilight Zone, “Do you…