Chama Jennane for freeCodeCamp · freecodecamp.org · Oct 9, 2024
How to Strengthen Your Code: Essential Secure Design Principles for Developers
Secure design principles have long been the foundation for building secure systems. And they remain a crucial aspect of modern cybersecurity. Introduced in 1975 by Saltzer and Schroeder in their landmark paper The Protection of Information in Compute...
Tags: secure coding

Rosecurify · log.rosecurify.com · Oct 5, 2024
Seclog - #94
📚 SecMisc Tools Index | Hackers of India - A comprehensive index of hacking tools. Read More Unleash the Power of Censys Search - A guide for using Censys search effectively. Read More Lambda Watchdog - A monitoring tool for AWS Lambda functions....
Tags: seclog, CVE-2024-45409

Atharv Patil · atharvpatil.hashnode.dev · Oct 3, 2024 · 1 like · 38 reads
Understanding Server-Side Template Injection (SSTI)
Server-Side Template Injection (SSTI) is a significant vulnerability in modern web applications, enabling attackers to inject malicious code into server-side templates. This flaw arises when user inputs are improperly handled and directly embedded in...
Tags: Server-Side Template Injection

YoungVanda · youngvanda.hashnode.dev · Sep 23, 2024
Meteor Subdomain Takeover
In the name of Allah Hi guys, I’m here again, YoungVanda. In this write-up, I’m gonna talk about Meteor Subdomain Takeover. From a simple recon to one of the trickiest exploitations of my life 😉 In this write-up, I explained everything from the beg...
Tags: bugbounty

Rosecurify · log.rosecurify.com · Sep 22, 2024
Seclog - #92
"In the digital age, the supreme art of war is to secure one's own data while making the enemy doubt theirs." - The Art of Cyber War 📚 SecMisc CellGuard - Introduction to a mobile security project - Read More Introduction to Security - Cybersecuri...
Tags: seclog

Subhanshu Mohan Gupta · blogs.subhanshumg.com · Sep 16, 2024 · Featured · 44 likes · 99 reads
Ransomware Resilience: DevSecOps Strategies for Preventing and Recovering from Cyber Extortion
Introduction: The Ransomware Threat Ransomware attacks have evolved into one of the most significant threats to digital infrastructures worldwide. With high-profile incidents such as the Colonial Pipeline hack, the devastating consequences of ransomw...
Tags: AI powered DevOps, DevSecOps

Rosecurify · log.rosecurify.com · Sep 15, 2024
Seclog - #91
"Build your network as you would a fortress; with layers, deception, and traps for the unwary." - The Art of Cyber War 📚 SecMisc bug.directory - Description not provided - Read More x86re - Description not provided - Read More 📰 SecLinks GAZEp...
Tags: seclog, Security

Abishek Kafle · devops.abisec.xyz · Sep 13, 2024
WordPress Community Plugin PeepSo Vulnerability: CVE-2024-31251
Introduction Hey there! I'm Abishek Kafle, a security researcher with the Patchstack Alliance. Today, I want to tell you how I found a big security flaw in a popular WordPress plugin, which got the CVE-2024-31251. This story shows why detailed securi...
Tags: Infosec, cve-2024-31251

jamarir · jamarir.hashnode.dev · Sep 12, 2024 · 27 reads
[CTF] LAKERA - Gandalf
Gandalf prompt injection https://gandalf.lakera.ai/ Your goal is to make Gandalf reveal the secret password for each level. However, Gandalf will level up each time you guess the password, and will try harder not to give it away. Can you beat leve...
Tags: CTF, infosec

Subhanshu Mohan Gupta · blogs.subhanshumg.com · Sep 11, 2024 · 30 likes · 35 reads
Achieving GDPR and CCPA Compliance with Automation and Encryption: Insights from Real Breach Cases
In today’s digital landscape, data breaches like the ones involving Facebook and Marriott have shown us the immense consequences of mishandling sensitive data. The General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) h...
Tags: AI powered DevOps, infosec