Cybersecurity

Meet Microsoft Entra — Which area of cybersecurity is often not talked about, but it is actually one of the largest areas of development, and is at the core of the security for users and organisations? It’s identity and access management. Overall, it is the basic process of proving our identity and then mapping…

High-severity vulnerability enables unauthorized access and potential data leakage. — Summary: This bug bounty report highlights a critical URN (Uniform Resource Name) Injection vulnerability . Exploiting this vulnerability allows unauthorized access to sensitive resources and potentially results in data leakage. Immediate attention and mitigation measures are necessary to safeguard the system’s integrity and protect user information.

You might be surprised how many guests find cameras in vacation rentals. Here’s what to do, before and after you book, to make sure you’re not being subject to surveillance. By Chandra Steele INT. CABIN — NIGHT JESS settles into a cozy, secluded Airbnb. He’s hoping for a little peace…

I am excited to announce the release of Living Off the Orchard: macOS Binaries (LOOBins). LOOBins is a new “living off the land” open-source project that aims to help defensive, offensive, and research cybersecurity professionals understand how various macOS binaries could be used for malicious purposes. The LOOBins website can…

(The title was created to draw attention) Introduction Hey everyone, today we’re going to talk about how web applications can be affected by a Broken Object Level Authorization (BOLA) vulnerability, and I’m also going to give you an exploit case example. Basically, the BOLA vulnerability allows an attacker to manipulate the…

Hello Hackers! 👋 It’s been a while since my last write-up, but I finally decided to shake off my laziness and share one of my recent findings with you all. This little adventure cost me around $18, and unfortunately, it didn’t yield any results. Nevertheless, let’s dive right in and…

Introduction Welcome to this new article, today I am going to show you how to clean your traces of a hacked computer, to be able to operate without your commands or your actions within the system are recorded in the system logs. To demonstrate this I will use two tools, one…

As organizations work to become more and more secure, implementing multi-factor authentication is usually one of the first things they do as it is usually simple to implement and is highly effective. However, even with MFA in place, it can still be abused by threat actors obtain access to accounts. …

Hi Al Salam Alykum, it’s a simple XSS but with a unexpected vulnerable point, i hope the write-up is clear, if not ping me, happy hacking. While Reconnaissance we found an http://example.com/index.html path with a response code 200 which was unexpected as the main URL (http://example.com) is a login page…