cybersecurity | The fastest way for busy developers to keep up with technologies 🚀

Story

@tutorialboy24 shared a post, 2 years, 8 months ago

tut

Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

#Infosec #cyberse... #DevSecO... #andriod #informa...

Spring is a set of frameworks for developing Applications in Java. It is widely used, and so it is not unusual to encounter it during a security audit or penetration test. One of its features that I recently encountered during a Whitebox audit is actuators. In this series of articles, I will use the..

Blue Sky Photocentric Youtube Channel Art.png

2k views

Story

@tutorialboy24 shared a post, 2 years, 8 months ago

tut

Turning cookie based XSS into account takeover

#Infosec #cyberse... #Securit... #DevSecO... #informa...

EpilogueI reported the exploitation scenario and was rewarded €500, as the impact was high. Be patient, don’t give up, and think out of the box. In this case, I used the company’s service to exploit the bug.Source :- https://tutorialboy24.blogspot.com/2022/09/turning-cookie-based-xss-into-account.ht..

2k views

Story

@tutorialboy24 shared a post, 2 years, 8 months ago

tut

Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

#cyberse... #aws #DevSecO... #Securit...

IntroductionCountless applications rely on Amazon Web Services’ Simple Notification Service for application-to-application communication such as webhooks and callbacks. To verify the authenticity of these messages, these projects use certificate-based signature validation based on the SigningCertURL..

2k views

Story

@tutorialboy24 shared a post, 2 years, 9 months ago

tut

A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 1)

#Securit... #Securit... #cyberse... #Infosec

IntroductionAs a representative of cloud-native management and orchestration systems, Kubernetes (K8S for short) is receiving more and more attention. A report [1] shows that 96% of organizations are using or evaluating K8S, and its market share in production environments is Visible.The functions of..

2k views

Story

@anasnasim12 shared a post, 3 years ago

Student

Machine Learning for Cybersecurity

#Machine... #Artific... #cyberse...

Everything about Machine Learning for Cybersecurity and in-between.

2k views

Story BridgeCrew Team

@bridgecrewio shared a post, 3 years, 5 months ago

Vulnerabilities vs. Security Misconfigurations: An Essential Primer

#cyberse...

When you hear the term “security breach,” chances are that risks like malware or ransomware attacks come to mind. These exploits tend to feature in headlines about major cybersecurity attacks.

Screen Shot 2022-01-27 at 1.26.23 PM.png

2k views

Story

@adetomiwaj shared a post, 3 years, 5 months ago

Methodology for Malware Static analysis: Portable Executable (PE) files

#cyberse...

Malware analysis determines if a program/file is malicious. There are two phases in malware analysis.

4k views

Story

@cyberpotato shared a post, 3 years, 5 months ago

Four Questions Your Information Security Team Should be Asking

#cyberse...

The key to succeeding in information security and cyber threat intelligence is recognizing what you’re dealing with, and adapting accordingly.

2k views

Story

@kyle_hemsley shared a post, 3 years, 6 months ago

Securing Microsoft Azure AD with FIDO2 Keys — Passwordless Authentication

#cyberse...

Azure AD is a powerful cloud-based IdP from Microsoft that many organizations have “free” access to through their M365 subscriptions for Office 365 / Exchange Online.

2k views

Story

@thecybermutt shared a post, 3 years, 6 months ago

Deciphering A Caesar Cipher with Python

#cyberse... #Python

Caesar ciphers map out characters to other characters based on a number key chosen by the designer of the Caesar cipher.

3k views