Author: Farhad

eye surveillance watching

Paranoid or Prepared? The spies on your desk

I usually get questions about why I have a sticker on the ambient light sensors of my laptops and phone. Some people think I don't know the difference between a light sensor and a camera and try to explain to me that this is not a camera. What they don't know is that ambient light sensors can be…

The ancient world’s biggest security failure: security lessons from the Valley of the Kings

Thanks to Mastercard’s long annual leave (we have 25 days!) I took a two-week trip to Egypt earlier this month to visit a place I have always wanted to see: the burial tombs of the ancient pharaohs in the Valley of the Kings. As a security engineer, I could not help looking at these

Cybersecurity jobs

How to land an entry-level cybersecurity job

This post is a response to a friend who is seeking a cybersecurity role in an extremely challenging market. Given that this is a widespread issue these days, I decided to write a post rather than simply leaving a comment. Various statistics from multiple sources suggest that there is a wide gap in cybersecurity roles,…

WaterHole attack

Watering hole attacks: how criminals infiltrate secure infrastructures

My first encounter with the world of cyber-criminals occurred through a watering hole attack campaign many years ago. I visited a Persian website and discovered that it was downloading malware onto visitors’ browsers. I promptly contacted the site administrator, who informed me that they had no technical knowledge of the issue. It became apparent that…

credential stuffing

Credential stuffing is not a DDoS!

I have heard this many times over the course of the last several years: someone is experiencing a heavy DDoS attack on their website. When I ask them what type of attack they are experiencing, the answer is usually that the bad guys are sending them thousands or even millions of POST requests. When I…

application DDoS attacks

Application DDoS attacks, and how they can be mitigated

DDoS (distributed denial of service) and DoS (denial of service) attacks can be broadly categorized into three groups based on the layers of the OSI model they target: network layer (Layer 3), transport layer (Layer 4), and application layer (Layer 7). Layer 3 and Layer 4 attacks are usually less complex, although they can…

Web Application Firewall (WAF)

The WAF is dead, long live the WAF!

The web application firewall (WAF) is a security tool used to protect against unauthorized access to web applications. It is usually a security device that sits in front of a web server and protects it from threats coming from the internet or the network side. Unlike Layer 3 (Network) and Layer 4 (Transport) firewalls, which…

Zombie Cookies Verizon Yahoo AOL

How to deal with new tracking methods; zombie cookies and canvas fingerprinting

Canvas fingerprinting and zombie cookie trackers are nothing new; however, these methods have been improving and have become notoriously effective over time. Recently, a study revealed that one in every four of the 10,000 most visited websites on the Internet use canvas fingerprinting to track visitors with up to 99.9% accuracy. The effort to track in order to collect…

PHP Suhosin

The end of Suhosin; what is next?

For many years, I have used Suhosin with implementations of PHP5 on Apache2 or PHP-pm Nginx webservers to protect against SQL injection and other common attacks. In fact, PHP5 was so dangerous, both in terms of its core security and its functions and modules, that I never considered using it…