/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

mike.sherov.com
| | labanskoller.se
3.3 parsecs away

Travel
| | During 2021 I had access to a facility equipped with an alarm system from Securitas Direct. I had access as a regular user to Securitas Direct's My Pages at mypages-pro.securitas-direct.com, which is used to administer some aspects of one's security alarm installation. That web application suffered a CWE-384 Session Fixation vulnerability which can be used by an attacker in a so-called Man-In-The-Middle (MiTM) position. Home page of Securitas Direct My Pages In summary, if an attacker is on the same netw...
| | tom.vg
3.8 parsecs away

Travel
| | [AI summary] This article explains cross-site and browser-based timing attacks that allow attackers to infer sensitive information from response sizes using side-channel leaks in web browsers.
| | adsecurity.org
3.9 parsecs away

Travel
| | [AI summary] The article discusses the POODLE vulnerability in SSL 3.0, explaining its risks, exploitation scenarios, and mitigation strategies such as disabling SSL 3.0 and implementing TLS_FALLBACK_SCSV.
| | blog.doyensec.com
12.9 parsecs away

Travel
| Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF