Open in app

Sign In

Write

Sign In

Ensar Seker
Ensar Seker

358 Followers

Home

About

Dec 16, 2021

Log4j for Dummies

log4j is the beginning of something huge that we do not know what severe state will end — A new critical vulnerability was discovered in log4j, an open-source utility widely used to generate logs in Java applications. What is Log4j, what is it used for, why is it so important? The Log4j 2 library is used in enterprise Java software and, according to the UK NCSC, is included in Apache frameworks such as Apache Struts2, Apache Solr, Apache Druid…

Log 4 J

9 min read

Log4j for Dummies
Log4j for Dummies
Log 4 J

9 min read


Oct 3, 2021

Typosquatting — what happens when you mistype a website

Typosquatting is a perfect use case because when people look at URLs and internalize their own misspellings, they are more likely to confuse the website the user visits in the email with the website they associate with the brand. — Typosquatting, or URLs hijacking, is a form of cybersquatting aimed at people who misenter web page addresses in their web browser URL fields. Compared to the typosquatting practice, cybersquatting involves the purchase of domain names to make money on the popularity or reputation of a particular brand or company. The…

Typosquatting

4 min read

Typosquatting — what happens when you mistype a website
Typosquatting — what happens when you mistype a website
Typosquatting

4 min read


Aug 7, 2021

A technique for Internet Censorship Circumvention: Domain Fronting

Mandiant and FireEye reported that they discovered the APT29 group supported by the Russian nation-state that has been using domain fronting for over two years. Mandiant has been observing for at least two years how Russian nation-state attackers use domain-fronting techniques and clandestine backdoor access in victim environments. — Domain fronting is a relatively new (ish) technique that allows attackers to conceal command and control traffic on infected computers by disguising themselves as traffic from trusted servers hosted on content delivery networks (CDNs).

Domain Fronting

5 min read

A technique for Internet Censorship Circumvention: Domain Fronting
A technique for Internet Censorship Circumvention: Domain Fronting
Domain Fronting

5 min read


Published in CodeX

·Jul 31, 2021

Pegasus Spyware in a Nutshell

Pegasus Spyware has recently hit the headlines because it is used to target devices of critical people in various sectors of the country including journalists, activists, politicians, and business leaders. — Last week we saw a story after another on a company called NSO Group and a piece of software called Pegasus. These include shocking claims that updated smartphones can be hacked using a single text message. At our Security Analyst Summit, researchers from Lookout discovered that Pegasus Spyware, which…

What Is Pegasus Spyware

7 min read

Pegasus Spyware in a Nutshell
Pegasus Spyware in a Nutshell
What Is Pegasus Spyware

7 min read


Jul 25, 2021

The Most Prominent Pandemics Of Cyber Viruses

Malware has become more sophisticated and attacks vulnerabilities in countless ways. It includes new and dangerous species, including worms (named after the human parasitic worm), trojans, and ransomware which are not by strict definitions computer viruses and should be designated as such. In general, malware, worms, and Trojan horses can cause billions of dollars in damage and disrupt critical infrastructure in real life.

Malware

5 min read

The Most Prominent Pandemics Of Cyber Viruses
The Most Prominent Pandemics Of Cyber Viruses
Malware

5 min read


Jul 20, 2021

Cybersecurity Maturity Model Certification (CMMC): Here is What You Need to Know!

The US Department of Defense has introduced the Cybersecurity Maturity Model Certification (CMMC) to normalize and standardize cybersecurity for the Federal Government and Defense Industrial Base (DIB). The CMMC is a unified standard that implements cybersecurity across the DIB, including over 300,000 companies in the supply chain. It is DoD’s response to a significant compromise of sensitive defense information contained in contractors’ information systems.

Cmmc

6 min read

Cybersecurity Maturity Model Certification (CMMC): Here is What You Need to Know!
Cybersecurity Maturity Model Certification (CMMC): Here is What You Need to Know!
Cmmc

6 min read


Published in CodeX

·Jul 18, 2021

The Birth and Rise of Remote Access Trojans (RATs)

The RATs themselves should consider using threat information to detect new digital threats and implement defenses and precautions. RATs play a prominent role in the execution of advanced persistent threats (APT). — A Remote Access Trojan (RAT) is a type of malware that allows attackers to remotely control your system. It is an application that allows hackers to get in the door and have administrative access to a computer. Given that RAT is a malware program that tries to open a back…

Rats

4 min read

The Birth and Rise of Remote Access Trojans (RATs)
The Birth and Rise of Remote Access Trojans (RATs)
Rats

4 min read


Published in Geek Culture

·Jun 20, 2021

Exploiting X11 Unauthenticated Access

X11 for Windows systems is a graphical window system common to Unix and Linux implementations and found in Windows software such as Hummingbird and surpassed by X Server. Several vulnerabilities have been found in X11 (xinput, evi, mit, shm, xfree86, misc extensions), Solaris X11 display server (xorg-1, xsun-1), and Solaris x11 print server (XPRT-1). — Multiple vulnerabilities allow a local or remote, unprivileged user to execute arbitrary code with root privileges on the Solaris X11 display server from XHost [1] or XAuth [1] to access arbitrary memory and X server address space and crash the X11 display server process. Vulnerabilities have been found in Xorg…

X 11

4 min read

Exploiting X11 Unauthenticated Access
Exploiting X11 Unauthenticated Access
X 11

4 min read


Published in Geek Culture

·Jun 13, 2021

Trusted Execution Environment (TEE), Implementations, Drawbacks

The Trusted Execution Environments are one of the technologies that help manufacturers, service providers, and consumers protect their devices and sensitive data. TEE protects the area of the hardware where the code is executed in isolation. The code executed in the trusted execution environment cannot be viewed or modified, so an attacker would only be able to execute malicious code with full privileges on the same processor.

Trusted Execution

5 min read

Trusted Execution Environment (TEE), Implementations, Drawbacks
Trusted Execution Environment (TEE), Implementations, Drawbacks
Trusted Execution

5 min read


Published in CodeX

·Apr 10, 2021

Zero-Knowledge Proofs (ZKPs)

Zero-knowledge proof systems that have received a lot of attention since their introduction are those that use a single message, such as proof of the existence of zero-knowledge or proof against a certain type of proof. — What is it? A zero-knowledge proof protocol is a way for a prover to convince a verifier that a statement containing classified information is true without revealing even a single bit of information (or a fraction thereof) about that knowledge. This is because the prover can prove the accuracy of the claim…

Zero Knowledge Proofs

5 min read

Zero-Knowledge Proofs (ZKPs)
Zero-Knowledge Proofs (ZKPs)
Zero Knowledge Proofs

5 min read

Ensar Seker

Ensar Seker

358 Followers

Cybersecurity | Artificial Intelligence | Blockchain

Following
  • Pentester Academy

    Pentester Academy

  • Bridgewater Labs

    Bridgewater Labs

  • Jon Goldman

    Jon Goldman

  • c1oud

    c1oud

  • Şevket Kürşad Kahya

    Şevket Kürşad Kahya

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech