Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

September 21, 2022

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.

Threat Alert: New Malware in the Cloud By TeamTNT

Could TeamTNT be back? Our honeypots were attacked by malware that bears a resemblance to these threat actors and we analyze the possible connection.

The Evolution of the Chromeloader Malware - VMware Security Blog - VMware

The VMware Carbon Black MDR team goes in depth on the latest variants of the Chromeloader malware and how to detect them.

Chromium Blog: Announcing the Launch of the Chrome Root Program

In 2020, we announced we were in the early phases of establishing the Chrome Root Program and launching the Chrome Root Store.

The Chrome Root Program ultimately determines which website certificates are trusted by default in Chrome, and enables more consistent and reliable website certificate validation across platforms.

This post shares an update on our progress and how these changes help us better protect Chrome’s users.

Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva

On June 27, 2022, Imperva mitigated a single attack with over 25.3 billion requests, setting a new record for Imperva’s application DDoS mitigation solution.

While attacks with over one million requests per second (RPS) aren’t new, we’ve previously only seen them last for several seconds to a few minutes. On June 27, Imperva successfully mitigated a strong attack that lasted more than four hours and peaked at 3.9 million RPS.