Collaborate Disseminate
A few weeks ago we had a single user’s browser start hitting the server with a peculiar request (IP redacted for their privacy):
1.1.1.1 – – [21/May/2024:07:42:31 +0000] "POST /3kFtdvOkagEQbIxH HTTP/1.1" 404 5124 "https://ww… Continue reading Odd repetitive 16character 404 web requests, with json "RefreshTTL" payload
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code executi… Continue reading Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
An application is logging wrong OTPs (but not correct OTPs). I asked the application developers to not log wrong OTPs because I do not see any benefits. However, they do not want to modify the application code, and are asking me (I have no… Continue reading What security risks do you see with wrong OTPs appearing in application logs?
Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. “These techniques can bypass the detection and enforcement policies of traditio… Continue reading New covert SharePoint data exfiltration techniques revealed
After select US federal agencies tested Microsoft’s expanded cloud logging capabilities for six months, Microsoft is now making them available to all agencies using Microsoft Purview Audit – regardless of license tier. “This change wi… Continue reading Microsoft begins broadening free cloud logging capabilities
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and reported… Continue reading A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
I had a tab randomly open up that was for adware. Luckily, it was caught by my ad blocker, but I would like to figure out what triggered it to open.
I tried checking its history state through console, but I found nothing interesting. I t… Continue reading Does chromium keep logs of the events leading up to opening a new tab? [migrated]
I am wondering some issues about event log safety of powershell. I think is it possible to alter the powershell itself. But theorically the event log should show us every attempt made in powershell such as opening commands or codes that ma… Continue reading Can already opened event logs of PowerShell’s event properties screens on Windows be hacked by hackers in milliseconds?
I am wondering some issues about event log safety of powershell. I think is it possible to alter the powershell itself. But theorically the event log should show us every attempt made in powershell such as opening commands or codes that ma… Continue reading Can already opened event logs of PowerShell’s event properties screens on Windows be hacked by hackers in milliseconds?
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. CISA’s version reimagines technology developed by the United Kingdom’s Natio… Continue reading Logging Made Easy: Free log management solution from CISA