Lucene search
K
D0znppMost viewed

138 matches found

Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/08/25 1:6 p.m.32 views

Insufficient Logging Monitoring☝️ — What you need to know

Insufficient Logging Monitoring☝️ — What you need to know Introduction API10:2019 Insufficient Logging & Monitoring What is Insufficient Logging & Monitoring? The title already says a lot but this vulnerability is a bit more complex than it was at first sight, of course the API is vulnerable if it...

7.5AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/03 8:4 a.m.30 views

What is AES Advanced Encryption Standard ❓

In any case, AES cipher is the famous framework that aids in digital encoding facts making use of a maintained 128-digit, 192-piece, or 256-cycle symmetric encryption estimate from the Advanced Encryption Standard AES, additionally called FIPS 197. The AES is a PC protection general for obtaining...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/25 1:46 p.m.28 views

What is XMPP ❓ — Extensible Messaging & Presence Protocol

What is XMPP ❓ — Extensible Messaging & Presence Protocol Introduction In the early 2000s, when the idea of chat applications was shaping, XMPP was allowing developers to construct interactive chat applications. Since its genesis, this protocol has come a long way and is now included in the tech...

6.9AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/09/02 5:50 a.m.28 views

Phishing Attack Prevention — How to Spot, What Should Do❓ | Wallarm

Phishing Attack Prevention — How to Spot, What Should Do❓ No business, small or large, is impervious to phishing attacks. Some of the largest-scale attacks have been on renowned multi-million dollar corporations. Fortunately, there is a light at the end of the tunnel. It is possible to defend...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/08/21 7:47 a.m.28 views

Mass Assignment❗️ — What you need to know

Mass Assignment❗️ — What you need to know Introduction API6:2019 Mass Assignment What is Mass Assignment? Applications these days often rely an objects For example user, product, … and these objects have properties for example product.stock. As a user, we have the authorization to edit and view...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/08/23 7:8 a.m.27 views

Security Misconfiguration☝️ — What you need to know

Security Misconfiguration☝️ — What you need to know Introduction API7:2019 Security Misconfiguration ‍What is Security Misconfiguration? There are several factors that might indicate a Security Misconfiguration. We should be very careful with handling configurations because if the correct security...

7.6AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/06/20 4:10 a.m.27 views

My first working week with Opera Reborn

So, last Monday I changed my Chrome to the new Opera. It was an experiment to feel how is it “really” different from Chrome. I should mention before writing this post two important things about my background: 1. I was an Opera user since 2003 to 2010 and then moved to Chrome because of the many...

6.8AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/20 4:13 p.m.25 views

What is API Abuse ❓ Prevention measures.

APIs are paramount for constructing a steadfast and constant communication bridge that empowers devices to pass-on desired information seamlessly. Hackers adopt many ways to exploit the APIs and corrupt the targeted device. This API exploitation is a potential threat to API security and needs...

7.3AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2020/08/01 5:8 p.m.25 views

Thanks for sharing! I've just checked you payload with Wallarm, we are good at this point.

Thanks for sharing! Ive just checked you payload with Wallarm, we are good at this point...

2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2023/05/14 6:55 a.m.24 views

The Hand-y Etiquette of Modern All-Remote Culture

In today’s fast-paced digital world, remote work has become the new normal. With the rise of video conferencing platforms like Zoom and Microsoft Teams, we have adapted to an all-remote culture where communication is largely virtual. One aspect of this culture that has become increasingly importa...

6.7AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/28 6:10 a.m.24 views

What is Cross Site Request Forgery CSRF | Example and Methods of protection

Organizations aspiring for all-around resource security against the damage-causing cyber vulnerabilities must upgrade their knowledge and get acquainted with all the existing types. CSRF is what is covered sizably in the post. What is CSRF Attack? A counterpart of XSS, CSRF is one of the multiple...

6.6AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/19 6:30 a.m.24 views

What is Cryptojacking Attack ❓ Definition and Prevention

Introduction A conceivable threat to cryptocurrency owners, cryptojacking is an attack using which threat attackers can mine cryptocurrency at the expenditure of the target’s resources and network health. If not managed properly at the premature stage, the consequences of this vulnerability can b...

6.9AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/18 5:6 p.m.23 views

What is API Abuse ❓ Prevention measures.

APIs are paramount for constructing a steadfast and constant communication bridge that empowers devices to pass-on desired information seamlessly. Hackers adopt many ways to exploit the APIs and corrupt the targeted device. This API exploitation is a potential threat to API security and needs...

7.3AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/08 9:48 a.m.23 views

What is a Supply Chain Attack ❓

Presentation The Kaseya cyberattack disturbed more than 1,000 organizations over the Fourth of July weekend and may end up being perhaps the greatest hack ever. It’s additionally a typical case of an “Supply Chain” hack: a sort of cyberattack where hoodlums target programming merchants or IT...

7.1AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/17 11:58 a.m.23 views

Meaning CISO (Chief Information Security Officer) in cybersecurity ️‍♀️

Not many out of each odd association has an undeniable level security expert: According to IDG’s 2020 Security Priorities Research, 61% of researched associations do, but that rate increments by to 80% for tremendous endeavors. However, in associations that use an especially pioneer, they accept ...

7AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/16 6:1 a.m.23 views

What is IAM (Identity and Access Management) ❓

Would you like to leave your locker open, with valuables inside, while you’re leaving town or going to sleep? Of course not, as doing so is a foolish act and is like sending invitations to the buglers. Similarly, one shouldn’t leave its database and information center open for all. This will lead...

8AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/10/27 6:44 a.m.23 views

What is API Gateway ❓ How it works ❓

In general, a gateway is a passage that acts as a connector for 2 components to make them achieve certain functionality. API Gateway is not very different. However, it is a crucial topic to understand for many of us. Well, in this article, we have got you covered. Introduction to API Gateway: A...

Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/09/14 11:43 p.m.23 views

Wallarm API Firewall outperforms Nginx in a production environment

Wallarm API Firewall is a free light-weighted API Firewall that protects your API endpoints in cloud-native environments with API schema validation. Wallarm API Firewall relies on a positive security model allowing calls that match a predefined API specification, while rejecting everything else...

6.9AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/31 11:44 a.m.22 views

What is an SSL certificate ❓ Meaning and Types

Introduction Website/application owners have tons of aspects to look into. However, ensuring end-to-end security ranks top as it is the most crucial factor that an end-user watches out for. Additionally, improved security bags higher ranking, and better SEO. SSL certificate is one of the many...

6.7AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/24 5:52 a.m.22 views

What is Transport Layer Security (TLS) ❓

The code suites and security impediments picked by any association utilizing Transport Layer Security TLS fundamentally affect the security of that association. This article will doubtlessly help you in settling on these choices to guarantee the privacy and decency of the client server...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/12 9:12 a.m.22 views

What is multifactor authentication and its benefits

If you’re a professional, dealing with API or system security, then multi-factor authentication won’t be an unfamiliar term. After all, it is the spine of system security. Used at multiple places and for various purposes, it is a real savior against online vulnerabilities for all of us. In this...

7.5AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/08 6:57 a.m.22 views

What is a Webhook and How Does it Work ❓

If you’re amazed how a web app can converse with other apps and pass information to streamline operations then you must know about webhook. More than a mere means of communication for online services, webhook make tons of things conceivable. It’s an interesting piece of technology used for enabli...

6.8AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/10/28 8:41 a.m.22 views

What Is API Management ❓ All That Novices To Experts Should Learn

The world of mobile and web app development revolves around API or Application Programming Interface. It’s a magic wand using which an application developer lets the applications correspond with each other. While you’re dealing with API, gaining acquaintances with API management operations, tools...

7.9AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/18 12:2 p.m.21 views

What is a firewall ❓ Everything you need to know about

In the tech world, a firewall is a wellbeing network framework that screens and controls moving ever closer affiliation traffic dependent upon destined security rules. A firewall ordinarily draws up a line between a confided in affiliation and an untrusted affiliation, like the Internet.‍ What is...

7.3AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/08/27 6:29 a.m.21 views

Smurf DDoS attack:❗️ How it works and how to mitigate

Attacks geared at denying users access to servers are executed in different ways. One notable approach — similar in many forms of service denials — is the use of volume. The sheer volume of requests is employed by attackers to render a particular network useless. A good representation of that is...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/29 6:37 a.m.20 views

API Portal: Introduction, Usage and Security Tips

As the name suggests, an API Portal is an intermediary used for connecting API suppliers and end-users. Situated on the company’s website, it’s a document featuring the key usages of API. While one tries to grasp the essence of API and its usage, knowing properly about API Portal is essential, as...

7.4AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/22 3:48 p.m.20 views

Explanation of what Java API is ❓ Types. Examples

When the two most viable and essential application/software development comes together, programmers are allowed to have unmatched functionality. Java API Application Programming Interface is the perfect example of how to attain this. Acknowledged as a crucial entity for internal and open...

7.9AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/04/09 9:30 p.m.20 views

Analysis of the EQGRP leakage

As you know, yesterday TheShadowBrokers group released EQGRP archive with some interesting data inside. As they mentioned, it’s a NSA leakage with a lot of “cyberweapon”. I analysed this data yesterday to find the answers to following questions: 1. When did the leak occur? 2. Who were the targets...

6.8AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2019/04/21 1:11 a.m.19 views

What else should you know about argument injection at OS commanding vulnerabilities

The first research related to this technique, as I believe dated by March 2013. It described the way how to deal with the escapeshellarg and other scaping functions used to sanitize data at shell calls like system, passthru, exec and others. This technique became very popular later, especially...

1.8AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/30 5:10 p.m.18 views

DNS Amplification Attacks Explained

Meaning of DNS Amplification Attacks A Domain Name System DNS enhancement assault is one out of various circulated refusal of administration DDoS assaults. Very much like different assaults of this nature, the objective of aggressors is to keep clients from utilizing a specific organization,...

0.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/29 2:49 p.m.17 views

What is a Botnet ❓ Definition, Types, Example Attack

Professionals, who make system security arrangements, are well-aware of the term ‘botnet’. Often used for the chain of hijacked computers/systems, the term ‘botnet’ should be well understood if a restorative and robust system is instructed as their wrong usage can lead to tremendous chaos. Botnet...

0.4AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/04/07 6:52 p.m.16 views

The power of Wallarm search engine

In this article I would like to show and explain my personal use cases of the Wallarm search engine. The cool thing about it is human readable search with intuitive commands. Just look at this search command before we start: attacks incidents vulns today RCE 502 For a security engineer looking at...

7.2AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/11/08 3:57 p.m.15 views

Discovering shadow APIs with a API firewall

Shadow APIs can be defined as active endpoints that you are not aware of. Some APIs are deployed but never documented. Others are services that don’t have an owner anymore. Some are even old v2 versions that have been deprecated for years, yet still exposed. Long story short: these APIs are not...

7.1AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/14 10:26 a.m.14 views

What is RAT Remote Access Trojan ❓ Detection and Removal

Introduction Humans live in the 21st century where a large portion of our exchanges are taken care of on the web. Thus, people, businesses and organizations are presented with new online protection dangers. A significant number of these digital dangers will break into your framework and challenge...

7.4AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/10 9:48 a.m.14 views

What is OAuth ❓ All you need to know

Introduction You’ve probably heard about the dangers of giving out your passwords and why you should never do it. There are various protocols designed to protect you and prevent the need for inputting your passwords or log in credentials repeatedly. When a website needs your password to offer you...

7.4AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/12/16 10:38 a.m.13 views

What is Clickjacking ❓ Definition and Prevention techniques

Progressed aggressors are persistently cultivating their systems to avoid region. Eventually, they can cover a clearly harmless site page with an immaterial layer containing noxious affiliations. This strategy for assault, known as clickjacking, could make you instigate your webcam or move cash...

6.6AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/03/29 12:40 a.m.13 views

Google’s lessons in security: bring together security engineering and incident response

Last week during Google Next conference, we have heard an interesting talk where a google security PM, Andy Chang, explained what Google has learned from preventing, detecting and responding to cyber attacks over the years. Not surprisingly, Google is paying a lot of attention to securing the...

7.3AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2017/04/09 2:53 a.m.12 views

5 Red Flags That Tell You Vendors Are Lying About AI

This is the original version of this article: The term Artificial Intelligence has become a buzzword that people use in sales pitches all the time. You will hear about it in the latest ad copy for new gadgets and programs. It also happens to be the most important tool in the cyber security field...

6.5AI score
Exploits0
Total number of security vulnerabilities138