The APT group, known as Charming Kitten (APT35), is thought to be linked to the Iranian state. It is considered that it provides Cyber Intelligence to the Iranian state against human rights activities, academic researchers and media organizations, and the United States and Central Eastern countries are among the countries it targets. Charming Kitten
Directory Traversal Vulnerability Definition and Solution Suggestions Another security vulnerability that we may encounter in web applications is Directory Traversal. Directory exceedance vulnerability is the ability to read or write access to files that should not be accessed on the web server with input provided by the user. Necessary
APT-29 Initial Access Tactic Used by WellMess APT29 is a hacker group thought to be associated with the Russian state and intelligence, according to information obtained by NSA and various cyber security companies. "APT" stands for "Advanced Persistent Threat". APT29 hacker group cyber attack
DNS Request Amplification (Server Spoofed Request Amplification) DDoS attacks are attacks that we encounter very frequently and are generally aimed at preventing institution, organization or user service. It can be done using many computers or a single computer. What is DNS Request Expansion? DNS servers
Broken Authentication and Session Management This vulnerability, known as Broken Authentication and Session Management in English and also known as Broken Authentication and Session Management in our language, is on the list of the most popular vulnerabilities published by OWASP in 2017, in our previous articles.
Os Command Injection This vulnerability, which is called Os Command Injection in English and although it is not used much in our language, is called Operating System Command Injection, is in the Injection category, which is among the most popular vulnerabilities published by OWASP. Before talking about the details
The Nightmare of E-commerce Sites: Credential Stuffing. Credential Stuffing, a technique that uses the risk of using the same e-mail and password pairs on different platforms, affects e-commerce sites the most... What is Credential Stuffing? Credential Stuffing, which we can translate into our language as "Identity Stuffing", has become an astronomical issue in e-commerce, especially in recent years.
Kerberos Protocol Kerberos Protocol is an authentication protocol developed to be encrypted and more secure without openly sharing the password in an untrusted network environment. Kerberos protocol uses the Shared Secret Key method when encrypting information in the network environment.
What is Active Directory? Active Directory, an important part of the IT infrastructure, is a directory service designed by Microsoft for Server and Client computer systems and includes systems such as servers, client computers, users and printers. Suspicious Behavior in Active Directory
Prototype Pollution vulnerability, which occurs due to various errors in JavaScript libraries, makes web applications unsafe. What is Prototype Pullution? When a new object is created in JavaScript, a prototype-based programming language; This new object creates functions such as toString, cunstructor and hasOwnProperty.
Established in 2017 to provide consultancy, service and support services on information security, Infinitum IT carries out studies within the framework of cyber incident response services, secure code development/analysis, penetration tests, and blue/red teamwork.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.
Esentepe Mah. Buyukdere Cad. LOFT PLAZA Floor:4 Flat:86 Levent/Istanbul
Copyright © 2023 InfinitumIT– All Rights Reserved.