Even top security researchers can be fished

Google recently announced a “New campaign targeting security researchers“. “In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets. They’ve used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and … Read more

Top 10 web hacking techniques of 2020

PortSwigger (the company behind BurpSuite) launched it’s yearly community vote for the Top 10 Web Hacking Techniques of 2020. Visit https://portswigger.net/polls/top-10-web-hacking-techniques-2020 and vote for your favorites. Exploiting POST-based XSSI XSS fun with animated SVG Attacking MS Exchange Web Interfaces Code injection in Workflows leading to SharePoint RCE Researching Polymorphic Images for XSS on Google Scholar … Read more

“Pay What You Can” Cyber Training.

Wild West Hackin’ Fest offers 3 great “hands-on” courses where you can Pay What You Can. The students will have the opportunity to do hands-on work, in virtual labs provided by the organizers. SOC Core Skills w/ John Strand (Feb 2 – Feb 5 2021, 4 hours/day) This 16-hour (4-days, 4-hour sessions) information security training … Read more

Servere DNS gratuite Google Google Cloudflare Cloudflare Quad9 Quad9 Level3 Level3 OpenDNS OpenDNS Verisign Verisign