Blog

Attakk waterHole

Attakki tat-toqba tat-tisqija: kif l-APT u l-kriminali ċibernetiċi jinfiltraw infrastrutturi siguri

L-ewwel laqgħa tiegħi mad-dinja taċ-ċiberkriminali seħħet permezz ta' kampanja ta' attakk bit-toqba tat-tisqija ħafna snin ilu. I visited a Persian website and discovered that it was downloading malware onto visitorsbrowsers. I promptly contacted the site administrator, who informed me that they had no technical knowledge of the issue. It became apparent that
Aqra aktar

mili tal-kredenzjali

Il-mili tal-kredenzjali mhuwiex DDoS!

Dan smajtu kemm-il darba matul dawn l-aħħar snin: xi ħadd qed jesperjenza attakk DDoS tqil fuq il-websajt tagħhom. When I ask them what type of attack they are experiencing, the answer is usually that the bad guys are sending them thousands or even millions of POST requests. When I
Aqra aktar

Attakki tad-DDOS tal-Applikazzjoni

Saff ta 'applikazzjoni attakki DDoS, u kif jistgħu jittaffew

DDoS (ċaħda distribwita tas-servizz) u DoS (ċaħda tas-servizz) l-attakki jistgħu jiġu kklassifikati b'mod wiesa' fi tliet kategoriji bbażati fuq is-saffi tal-mudell tal-OSI li jimmiraw: saff tan-netwerk (Layer 3), transport layer (Layer 4), and application layer (Layer 7). Layer 3 and Layer 4 attacks are typically less complexeven though that they might
Aqra aktar

Web Application Firewall (WAF)

Il-WAF huwa mejjet, ħajja twila l-WAF!

The web application firewall (WAF) is a security tool used to guard against unwanted access to web applications. It is often a security device that sits on top of a web server and guards against threats from the internet or from beyond the network perimeter. Unlike Layer 3 (Network) and Layer 4 (Transport) firewalls, which
Aqra aktar

Zombie Cookies Verizon Yahoo AOL

Kif tittratta tekniki ġodda ta 'traċċar; Cookies Zombie u marki tas-swaba'Canvas

It-taħrab tas-swaba' tal-kanvas, u zombie cookie trackers m'huma xejn ġdid; Madankollu, dawn il-metodi jittejbu u saru effettivi b'mod notevoli matul iż-żmien. Riċentement, a study revealed that one in every four 10,000 most visited websites on the internet uses canvas fingerprinting to track the visitors with up to 99.9% accuracy. The tracking attempt to collect
Aqra aktar

PHP Suhosin

It-tmiem ta' Suhosin; x'inhu l-ieħor?

Għal ħafna snin, I zealously użaw Suhosin ma 'kwalunkwe implimentazzjonijiet ta' PHP5 fuq Apache2 jew PHP-FPM Nginx webservers biex jiddefendu kontra injezzjoni SQL u attakki oħra komuni tal-web. Fil-fatt, PHP5 kien tant diżastruż, kemm f'termini ta' sigurtà ewlenija, u l-funzjonijiet u l-moduli tiegħu li qatt ma stajt naħseb li użajtha…
Aqra aktar