Collaborate Disseminate
Given that a passkey creation attempt fails, what are the steps one can take to identify the cause of the failure? It there a local log of browser passkey interaction? Is there a failure code somewhere provided by the server?
My situatio… Continue reading How can you find out why passkeys failed? [closed]
I left my MacBook (which was turned off) in the car in my laptop case, and the case was closed. I came back to the car, and the case was open.
There was only enough time for a usb device to be put in. I checked my logs when I got home, may… Continue reading MacBook hacked, left unattended, came back bag was opened [closed]
The session ID is a randomly generated string (node, crypto) of minimum 32 chars. The session ID will be stored in a NoSQL sessions table as well as in the main SQL database. I will use SHA-512 as the hash function on the session ID wherev… Continue reading Login, logout, session ID hashing and logging
Lately i see some line like this in my access.log
[2a05:22c7:1:2102::7] 114.32.218.17 – – [13/Dec/2024:01:03:10 +0000] "GET / HTTP/1.0" 200 12794 "-" "-"
Normally my access.log are like this
[alebalweb-blog.c… Continue reading Weird lines on access.log of apache web server
Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told the… Continue reading Microsoft lost some customers’ cloud security logs
The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware attack… Continue reading Use Windows event logs for ransomware investigations, JPCERT/CC advises
In our organization, we use a GCP setup with Kubernetes. We generate tons of firewall logs as we provide a digital service that generates a high volume of requests from our users. Storing all these logs is quite costly, especially when you… Continue reading Logging Strategy (high costs for storing all logs)
I am working on a data processing task in an enterprise environment with Python3 installed on a client-side Windows Jump server.
I need to download data regularly from a third-party provider, and it is accessed via a REST API.
The business… Continue reading Log REST API calls in the most auditable way
A few weeks ago we had a single user’s browser start hitting the server with a peculiar request (IP redacted for their privacy):
1.1.1.1 – – [21/May/2024:07:42:31 +0000] "POST /3kFtdvOkagEQbIxH HTTP/1.1" 404 5124 "https://ww… Continue reading Odd repetitive 16character 404 web requests, with json "RefreshTTL" payload
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code executi… Continue reading Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)