Categories
Security

wordfence.com Vulnerability Database

Wordfence is a comprehensive security plugin designed specifically for WordPress websites. It offers a range of features, including firewall protection, malware scanning, and real-time threat intelligence to safeguard sites from malicious attacks. With its user-friendly interface, Wordfence provides detailed reporting and alerts, allowing website owners to monitor and respond to potential security threats effectively. Additionally, the plugin includes options for user blocking, login security, and two-factor authentication to enhance overall site protection.

Wordfence is also well-known for its security research and for maintaining a vulnerability database.

Categories
Security

hardenize.com secure score card

Hardenize is an interesting alternative to Mozilla’s HTTP Observatory, which scans your website and security perimeter. It provides you with a free and public scorecard that is also shareable via a link. Achieving a good score is a strong indicator that you care about security and demonstrates your commitment to it publicly.

Categories
Security

Subresource Integrity in HTML

In the recent supply chain attack on the polyfill.io CDN, the project's GitHub account and domain were taken over by a malicious actor, who began injecting harmful JavaScript into thousands of websites. When a website loads such a script, it runs in the first-party context and can do almost anything: log form data, capture cookies, and modify the page at will. This poses an extreme risk if you do not trust the source completely.

One way to mitigate this risk is Subresource Integrity (SRI), which lets you pin a remote JavaScript file to a hash of its content. This makes loading remote resources significantly safer: if the content of the remote file no longer matches the pinned hash, the browser refuses to execute it.

Categories
Security Web

GitHub follow commits as RSS

There might be times when you want to closely follow updates to a public GitHub repository. I had this use case in June 2024 when following the Swiss NCSC for cyber threat information regarding DDoS attacks.

I solved this problem by setting up an API key and regularly querying the main branch commits. However, this process is unnecessarily complex. A much easier way is to follow a repository as an RSS feed.

Categories
Security

SWICO: Hosting

I familiarized myself with the “Leitfaden für Behördenanfragen zu Kundeninformationen und -inhalten” which was created by Swico to guide Swiss hosting providers on handling inquiries from Swiss authorities and courts regarding customer activities, information, and content.

Categories
Security

WSUS Offline Update

I have used this software for my netbooks that always failed to download the Windows update. I was able to extend the useful life of the device for years. This tool may not be very corporate-ready, but if you have a Windows device and you need to update it offline and easily, this can be a lifesaver.

Please download from the original source, a German website.

https://www.heise.de/download/product/wsus-offline-update-ct-offline-update-38170

This is my small mirror, but it may not be updated to the latest version. Therefore, please refrain from downloading from here unless necessary.

  • WSUS Offline Update 12
    • Windows 8, Windows 8.1, Windows 10
  • WSUS Offline Update 11.9
    • Windows 7
  • WSUS Offline Update 9.2.5
    • Windows XP, Windows Vista

Categories
News Security

DDoS in Switzerland in June 2024

There is a high chance of a Distributed Denial of Service (DDoS) attack around and during the “Summit on Peace in Ukraine” conference at the Bürgenstock, Switzerland, on the upcoming weekend of June 15th and June 16th, 2024. Find a complete breakdown of the technical details of what happened over the entire weekend in the article.

Attacks on Swiss web properties were seen during the World Economic Forum in January 2024, during the visit of the Ukrainian President Wolodymyr Selenskyj to Switzerland in January 2024, and in June 2023 when the Ukrainian President Wolodymyr Selenskyj addressed the Swiss Parliament via video conference.

Categories
Security

First try, Nuclei Vulnerability Scanning

Fast and customizable vulnerability scanner based on a simple YAML-based DSL.

I took my first steps with Nuclei. The plan was to verify if my Atlassian Confluence instance was vulnerable both before and after patching. Also, on June 7, 2024, a new PHP vulnerability emerged, and I wanted to use Nuclei to review the security posture of some PHP installations I manage.

Categories
Security

Using a YubiKey for enhanced security

I used to have a YubiKey, but it never fully caught on with me. Now, finally, I want to start using a YubiKey to reduce the risk of phishing attacks and strengthen my overall personal IT security.

A hardware security token should never come alone; always get two. One is for daily use, and the second is a backup.

Categories
Security

Request parameter _sm_by ZScaler

During a DDoS attack, I found a large number of requests carrying the HTTP request parameter “_sm_byp=” in my logs. However, this parameter is not native to my app.

_sm_byp=

Modified example:
https://www.example.com:443/manifest.json?_sm_byp=iVVt9H5dRMP8Lb3F
https://www.example.com:443/test.html?_sm_byp=iVVc8ZT1kQFvX6Nr