Hacking a robot vacuum cleaner and spying on the owner in real time
A major home robotics manufacturer failed to address the security issues of their robot vacuum cleaners, even though they were warned about the risks last year. Without…
Security
Discover the latest news, reviews, and best practices in information security. Stay updated on cybersecurity threats, protection strategies, and innovations in safeguarding data
Inspection of the WebSocket protocol using the Solar webProxy proxy server
The WebSocket protocol allows for the establishment of a permanent two-way connection between the client and the server, which significantly reduces latency and decreases…
Experience in implementing AppSec/DevSecOps practices
Development processes must be built to ensure a predictable level of product security at the output. It was with this idea that we began to modernize our internal processes…
Keeping up with deepfakes: application of technology and ethical aspects
The "deepfake" technology carries deep ethical implications, raising concerns about misinformation and manipulation. By seamlessly blending fabricated content with reality,…
Not only Flipper Zero: a hacker multitool from an old smartphone
They say that laziness is the engine of progress. As for me, competition works better. The ability to freely choose devices, applications, and information is now the…
What does the security of modern applications consist of?
You can find various interpretations of the concept of AppSec on the web. In this article, we will try to understand what should be included in AppSec, what skills are…
AWS Cloud Configuration Security Overview using Nuclei Templates
In the new version v9.8.5, Nuclei Templates have added templates for checking AWS Cloud configuration. In this post, we will discuss automating the verification of incorrect…
Machine Learning and Cryptography: Getting to Know CipherGAN
Machine learning is now used to a greater or lesser extent in various industries. Cryptographic analysis is no exception. In this article, we will look at the CipherGAN…
Ladybug in action. How to find vulnerabilities in Android and get into the top white hackers of Google
It is no secret that bug hunting is gaining popularity every year, attracting the attention of both companies seeking to improve the security of their products and white…
IDOR: A Complete Guide to Advanced Exploitation of IDOR Vulnerabilities
IDOR vulnerabilities are among the most common security vulnerabilities in modern web applications and APIs. It is not surprising that they are often recommended to novice…
Methodology and tools for identifying and tracking vessels
In this material, we will talk about the methodology and set of tools for determining the location, routes, owner, and inspections of a merchant vessel in four simple…
Navigation through the challenges of fintech development: from compliance to security
Fintech has truly revolutionized the field of financial services. The accelerated development of technology and the growing interest in digital financial solutions have…
Automation of routine work in forensics: extracting file time attributes by list
Imagine: you have several thousand files, and for each one you need to extract metadata - creation dates, modification dates, and last access. Of course, you can sit…
Insecurity of Debian
In June 2023, Red Hat made a controversial decision to change the way it distributes the source code of Red Hat Enterprise Linux. Social media erupted with heated discussions,…
Dorks in a new way – looking for what is open
When conducting any pentest of a corporate network, one of the actions of white hackers is to search for information that is practically in the public domain: on file…
History of the creation of ASoar: from idea to implementation of the cybersecurity system
My career in information security began, like many others, with work in IT infrastructure. Initially, my company was engaged in maintaining the stability of networks…
Evolution of attacks on web resources: what has changed since 2011
BI.ZONE WAF Cyber Threat Analytics and Research Department studied the statistics of attacks on web applications protected by BI.ZONE WAF. We compared this information…
1C flies south — our experience of migration to K2 Cloud
Imagine: you have a large company with offices from Moscow to the Far East, hundreds of facilities, thousands of shift workers, and an ancient 1C server that barely copes…
