The open source cybersecurity platform CrowdSec has announced the release of its version 1.7, an update that strengthens its ability to detect and block malicious IP addresses through a collaborative approach. The new version incorporates key improvements to installation, extended support for Docker and Swarm environments, and advances in its application firewall […]| Administración de Sistemas
Learn how a Web Application Firewall works to secure web applications. This guide details its crucial functions, while also addressing disadvantages of Web Application Firewall like cost and management complexity. CISCO Web Application Firewall A Web Application Firewall (WAF) is a specialist security solution that filters, monitors, and blocks harmful HTTP/S traffic in order to […]|
Customer Pain Points “Gap” in security protection after new business launch A financial company launched a new business system; the O&M team had to manually add the server IP to the WAF whitelist. Due to the cumbersome approval process, the configuration was not completed until 3 days later. During this period, hackers had invaded the […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers.| The Cloudflare Blog
WebARX is a web application firewall where you can protect your website from malicious attacks. As you can see it was mentioned in TheHackerNews as well and has good ratings if you do some Googling. https://thehackernews.com/2019/09/webarx-web-application-security.html It was found out that the WebARX WAF could be easily bypassed by passing a whitelist string. As you […]| 🔐Blog of Osanda
As intra-app URLs used in web applications are generated and parsed by the same code base, there’s no external force pushing developers towards using a human-readable form of serialization. Sure, it’s easier to do debugging and development, but that’s why I used the word “external”. Many frameworks use custom encodings, but one of the most extreme things a developer can do in this regard is completely encrypting request parameters. We encountered such a setup during a recent web app...| Silent Signal Techblog
In this post I will share my testing experiences about a web application protected by a web application firewall (WAF). The investigation of the parameters of web interfaces revealed that I can perform XSS attacks in some limited ways. The target implemented blacklist-based filtering that provided some HTML tag and event handler restriction. Since this restriction appeared at quite unusual places I suspected that there might be a WAF in front of the application. To verify my suspicion:| Silent Signal Techblog