Collaborate Disseminate
My site is getting increased traffic from r87.com suddenly (r87.com is the referrer) and it looks like the domain is owned by Netsparker.
I feel something is wrong as this r87.com is having no content, it’s simply redirecting to Netsparker… Continue reading Suddenly my site is getting traffic from r87.com [closed]
Recently, the log4j issue got a lot of attention. I run a chatbot web app that is not based on the JAVA stack. However, there is a backend component that analyzes the chatbot user input which is based on JAVA. I wonder to mitigate the log4… Continue reading Is removing the `${jndi:` string a mitigation of the log4j security issue?
Running dmesg on my Xubuntu 20.04.1 system shows multiple processor vulnerabilities including MDS vulnerable.
I was trying to follow the info in What are the new MDS attacks, and how can they be mitigated? to determine if any mitigations a… Continue reading rdmsr Command not found Checking for MDS Vulnerability
I am trying to onboard CTI feed for our SIEM. As part of the procurement process, I need to make sure that there are certain SLA`s which should be included in the contract terms for accountability of the managed service. Any thoughts whic… Continue reading SLA for Managed Services (CTI)
I’ve been trying to figure out how to construct a query in MS Defender’s Advanced Threat Hunting, to find machines with open SSLv2, SSLv3, and TLSv1.0 ports. If possible, it should be straightforward for someone who knows what they’re doin… Continue reading How to find deprecated versions of SSL and TLS with MS Defender’s Advanced Threat Hunting
I’am using the Mitre ATT&CK CTI for ICS and I need to get all the assets
shown in this page
How can I get them through their TAXII server?
Here is a little snippet of code interacting with the CTI.
from taxii2client.v20 import Server, … Continue reading Mitre ATT&CK for ICS: how to get the list of assets?
I am developing a solution that is mostly dependent on plug and play architecture. Currently, I am doing a risk analysis of this design.
What are the security issues in Plug and Play architecture? And how we can mitigate them?
This is a C#… Continue reading What are the security issues in Plug and Play architecture? And how we can mitigate them?
My agency (which isn’t a high security-risk, top-secret place) has an almost zero tolerance rule for Zoom and I am curious why. We are told to use WebEx instead but I fail to see why WebEx is more secure than Zoom. I don’t think it’s mer… Continue reading What precisely about Zoom is not secure? [closed]
What are some common internal and external attacks that an attacker uses to reach the level 0 zone and what can one do to mitigate them?
So I’ve been trying to merge all 3 templates provided by MS in the Threat Modelling tool to benefit from a number of vital components scattered across the Default, Azure and Medical template. Unfortunately a number of errors were encounter… Continue reading Microsoft Threat Model – Merging all 3 templates