Collaborate Disseminate
Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those credentials can then be used log in to any of the organization’s platforms tha… Continue reading A common user mistake can lead to compromised Okta login credentials
For a web app that will get heavily attacked, I figure one very useful tool will be audit tracking of what occurred for both getting a better picture of attacks and , if the worst happens, learning exactly what went down to both mitigate t… Continue reading Audit tracking for web users [closed]
While it can be straightforward to distill water to high purity, this is rarely the best method for producing water for useful purposes. Even drinking water typically needs certain minerals …read more Continue reading Remote Water Quality Monitoring
Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving obvious forensic traces of the malicious activity in GCP’s storage access logs, Mitiga researchers have discovered. GCP data exfiltration … Continue reading Google Cloud Platform allows data exfiltration without a (forensic) trace
I have been hacked, and I have been to the the police… getting hacked over and over again. My gmail logins show an "unknown" browser from the same IP as my log-ins. Even when I’m for some days on vacation, the "unknown&quo… Continue reading Unknown logins in my Gmail account [closed]
These are the warning logs from my router..
What is Detect UDP port scan attack? And what is ip 213.74.0.1 ? Does it belong to local area?
2023-02-19 00:12:17 Security Warning Intrusion -> SRC=167.94.146.24 DST=10.127.35.103 LEN=44 … Continue reading Router security logs.. What each of them means?
These are the warning logs from my router.
What is a UDP port scan attack? And what is IP 213.74.0.1? Does it belong to the local area?
2023-02-19 00:12:17 Security Warning Intrusion -> SRC=167.94.146.24 DST=10.127.35.103 LEN=44 TOS… Continue reading What is a UDP port scan attack? How to find out if an IP is in my local area? [closed]
I am trying to set up a honeypot service on the network and I installed dionaea honeypot. I figured out that each service is being controlled by yaml files present in /opt/dionaea/etc/dionaea/services-available.
The way defaults work is al… Continue reading How to write separate log files for separate services in dionaea honeypot
I run a bare-metal on-premises GitLab server (Ubuntu 22.04) for a very small company. While the server isn’t currently in production use, it is active and accessible over the public internet.
I have UFW set to block everything except HTTP,… Continue reading Unexpected drop in UFW noise, should I be worried?
There are sound reasons not to put any secrets, PII or other sensitive information into the logs on the server side (see OWASP ASVS V7).
But should the same rule apply on the client side? Is there a sound reason we should prohibit devs fro… Continue reading Logging secrets in the user agent (browser)