Stop Cookie Replay Attacks
TL;DR Cookie replay attacks happen when someone steals your cookie and uses it to pretend to […]
CSRF Protection with HTTPS
TL;DR HTTPS protects data in transit, but doesn’t stop Cross-Site Request Forgery (CSRF) attacks. This guide […]
CSRF Protection: Tokens vs Referer Checks
TL;DR Anti-CSRF tokens are much more reliable than relying on the Referer header or simple POST […]
Secure WebSockets: Stopping Denial of Service
TL;DR WebSockets are great for real-time apps, but they’re vulnerable to DoS attacks because a single […]
Stopping Forensic Tools
TL;DR This guide shows you how to make it harder for someone trying to investigate your […]
Stop Phishing: A Practical Guide
TL;DR This guide gives you simple steps to protect yourself and your organisation from phishing attacks. […]
Spotting Phishing Emails: A User Guide
TL;DR Phishing emails try to trick you into giving away personal information. This guide shows you […]
Google-Antigravity-Lücke: KI-Coding-Tool anfällig für Angriffe
Eine Sicherheitslücke in Googles KI-Coding-Tool Antigravity erlaubt es Angreifern, Schadcode einzuschleusen. Koshiro K – shutterstock.com Anfang […]
RomCom tries dropping a not-so-romantic payload on Ukraine-linked US firms
US firms with ties to projects supporting Ukraine are being targeted by the Russia-aligned RomCom group, […]
Scattered Lapsus$ Hunters target Zendesk users with fake domains
Scattered Lapsus$ Hunters targeted Zendesk users through more than 40 fake domains designed to steal credentials […]