Buloqu

WaterHole attack

Watering hole attacks: how APT and cyber criminals infiltrate secure infrastructures

April 2, 2023

My first encounter with the world of cyber-criminals occurred through a watering hole attack campaign many years ago. I visited a Persian website and discovered that it was downloading malware onto visitorsbrowsers. I promptly contacted the site administrator, who informed me that they had no technical knowledge of the issue. It became apparent that
Wilika eso tale na ka

credential stuffing

Credential stuffing is no DDoS!

March 6, 2023

I have heard this many times over the course of the last several years: someone is experiencing a heavy DDoS attack on their website. When I ask them what type of attack they are experiencing, the answer is usually that the bad guys are sending them thousands or even millions of POST requests. When I
Wilika eso tale na ka

application ddos attacks

Application layer DDoS attacks, and how they can be mitigated

March 5, 2023

DDoS (distributed denial of service) and DoS (denial of service) attacks can be broadly classified into three categories based on the layers of the OSI model they target: network layer (Layer 3), transport layer (Layer 4), and application layer (Layer 7). Layer 3 and Layer 4 attacks are typically less complexeven though that they might
Wilika eso tale na ka

Web Application Firewall (WAF)

The WAF is dead, long live the WAF!

March 5, 2023

The web application firewall (WAF) is a security tool used to guard against unwanted access to web applications. It is often a security device that sits on top of a web server and guards against threats from the internet or from beyond the network perimeter. Unlike Layer 3 (Network) and Layer 4 (Transport) firewalls, which
Wilika eso tale na ka

Cookies o Kila Kilai Oqai

iWalewale ni kena walii na iwalewale vou ni kena vakadikevi; Cookies ni Veikauqaqa kei na iYagavulu ni Yavaqaso

September 7, 2020

iYqaqa ni yava ivakatakata, E ka vou na dausaro cookies kei na Kadrala; ia, era sa torocake na iwalewale oqo ka sa yaco me mana sara vakalevu ena veigauna. Wale tikoga oqo, a study revealed that one in every four 10,000 most visited websites on the internet uses canvas fingerprinting to track the visitors with up to 99.9% accuracy. The tracking attempt to collect
Wilika eso tale na ka

PHP Suhosin

Na icavacava kei Suhosin; na cava e tarava?

August 23, 2020

Ena vuqa na yabaki, Au sa dau vakayagataki Suhosin ena dua na ivakavakaravutaki ni PHP5 ena Apache2 se PHP-FPM Nix webservers me ra taqomaka mai na icula ni SQL kei na veicacati tale eso ni veilawa. In fact, PHP5 was so disastrous, both in terms of its core security, and its functions and modules that I could have never conceived using it
Wilika eso tale na ka

Voroki ni iLati

August 20, 2020

VAKADEWA


Farhad Mofidi

www.mofidi.us © 2025 Farhad Mofidi.