Category: Chatgpt
In the event that you have a WAF in place and are hacked (likely, in the scenario where you have implemented the solution in monitoring/listen-only mode), the collection of the post data will be your primary evidence source that indicates how your application was exploited. This information is critical in your investigation and remediation…
Read MoreRisk is a calculated measurement involving a number of factors including likelihood of occurrence and the impact if exploited. We all know that we could be hit by a bus and suffer dire consequences while crossing the road today, but the likelihood of that occurring is so low that most of us consider it a…
Read MoreThe encapsulated IP packet header uses the same parameters as the encapsulating IP header. The Transport Layer protocol for the encapsulated IP packet is UDP. Most public routers will pass along the GRE packet because it’s a widely used protocol for generating VPN connections. We speculate that GRE might be the protocol of choice due to…
Read MoreAccording to the Defense Advanced Research Projects Agency (DARPA), it takes an average of 312 days for security pros to discover software vulnerabilities such as viruses, malware, and other attacks. In hacker time, that’s a virtual eternity in which bad actors can wreak havoc within infected systems and steal information, all without being noticed. DARPA…
Read MoreFigure 1: How an LDAP reflection-amplification attack works LDAP’s Weak Spot LDAP is used to query resources such as networks, systems, applications, and services throughout an organization network. This protocol is typically served over TCP, which requires a connection to be established before data is transferred. But, in this case, because the source IP address…
Read MoreSo far, we’ve seen IoT Distributed Denial-of-Service (DDoS) attacks on a Death Star scale. Even if your organization wasn’t a direct target of these giant barrages, many others were caught up as collateral damage because they had services adjacent or dependent on the direct target. Because of this, many organizations are preparing or strengthening their…
Read MoreIn just four short years, a healthy dose of paranoia about individual privacy as well as emerging support for encryption by browsers, social media sites, webmail, and SaaS applications have pushed encryption estimates from almost non-existent (in the low single digits before 2013) to just over 50% by the end of 2016. That’s quite a…
Read MoreFigure 2: Top domains in a Shodan search for CVE-2014-0160 on January 22, 2017 That’s disconcerting because there is a tendency to “fire and forget” in the public cloud, and concerns over understanding the shared responsibility model of public cloud have been previously voiced. This remains my favorite quote, from AWS head of global…
Read MoreThe essence of this attack is van Beek’s Microsoft Exchange Autodiscover vulnerability. In a September 2016 interview with The Register, van Beek said, “I recently discovered that most, if not all, Microsoft Exchange clients (eg, Outlook, iPhone mail app, Android mail app, Blackberry Mail App) are more than happy to provide a user’s password in plain…
Read MoreIf Shakespeare were alive today (and blogging), he might have written about the latest vulnerability to sweep the Internet by pointing out: Hath not the cloud interfaces, code, logic, data? Accessed with the same protocols, exploited with the same weapons, subject to the same vulnerabilities, mitigated by the same solutions, patched by the same methods…
Read More