Profiling a DIY Chinese Based SQL Injection Capable Hacking Tool – An Analysis

I’ve recently spotted a currently circulating across the underground ecosystem a newly released DIY based Chinese SQL injection capable hacking… Continue reading Profiling a DIY Chinese Based SQL Injection Capable Hacking Tool – An Analysis

Profiling a DIY Search Engines Based Mass SQL Injection Capable Hacking Tool – An Analysis

I’ve recently spotted a currently circulating across the underground ecosystem a newly released DIY search engines based mass SQL injection… Continue reading Profiling a DIY Search Engines Based Mass SQL Injection Capable Hacking Tool – An Analysis

How secure is using https://*.domain.com as a value in a Content Security Policy?

Let’s say I am an organization with all my resources on example.com. I have a web server in the DMZ that hosts a website named app.example.com open to the internet.
The CSP for that website is Content-Security-Policy: default-src ‘self’ ht… Continue reading How secure is using https://*.domain.com as a value in a Content Security Policy?

Could a no code module injected to memory phenomenon in the process tree of the steam.exe file be suspicious?

I found a page, which analyzing memory processes (https://analyze.intezer.com/)
After the searches, it didn’t find anything harmful, but in the detailed analysis I found a module without code, which is injected into the memory among the pr… Continue reading Could a no code module injected to memory phenomenon in the process tree of the steam.exe file be suspicious?