New research into the Evilginx hacking tool reveals how cybercriminals can bypass Gmail and Outlook 2FA protections. Here’s what you need to know.| Forbes
As Gmail and YouTube users take to support forums to complain about accounts being hacked despite having 2FA activated, Google responds with 7-day recovery solution.| Forbes
Stealing session ids from phpinfo() output has been a known technique for some time, and is used to bypass the HttpOnly attribute, which prohibits JavaScript from accessing a cookie marked as such (e.g. PHPSESSID). I just now thought of a solution that allows you to keep your phpinfo(): we'll simply censor the sensitive data, making phpinfo() lose some of its value to the attacker.| www.michalspacek.com