Amatera Stealer: Rebranded ACR Stealer With Improved Evasion, Sophistication

Proofpoint has identified Amatera Stealer, a rebranded version of ACR Stealer with enhanced capabilities and evasion techniques. Distributed via ClearFake website injects, it utilizes sophisticated attack chains and web injects. Amatera Stealer employs NTSockets for stealthy C2 communication, WoW64 Syscalls to bypass user-mode hooking, and supports HTTPS requests. It focuses on stealing information from browsers, crypto wallets, and various software. The malware can also execute secondary payloads. Amatera Stealer is actively developed and sold as a malware-as-a-service, with subscription plans ranging from $199 to $1,499.

Pulse ID: 6852f50d17176b71367652f8
Pulse Link: https://otx.alienvault.com/pulse/6852f50d17176b71367652f8
Pulse Author: AlienVault
Created: 2025-06-18 17:19:09

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #ClearFake #CyberSecurity #HTTP #HTTPS #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #Proofpoint #bot #AlienVault

Cookieだけじゃない！Webの裏側で“あなたの行動”はこう見られている
https://qiita.com/nucomiya/items/05e262b633ec5f8747f9?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #HTTP #初心者 #cookie #セッション

From: blenderdumbass . org

The multiplayer, or the lack there of, at the moment is so utterly broken and so lacking of being properly made that for a long time, I was just not bothering with it. Seeing it as something unnecessary. Something that does not need to be touched, because other things, like the...

Read or listen: https://blenderdumbass.org/articles/a_rant_about_making_a_multiplayer_game

#Gamedev #DanisRace #Networking #Multiplayer #TCP #HTTP #Programming #Python #UPBGE #Blender3d #GNU #Linux #GamingOnLinux #FreeSoftware #OpenSource

iX-Workshop: API-Design und -Entwicklung mit HTTP, REST und OpenAPI

Lernen Sie, wie man effiziente und benutzerfreundliche APIs entwickelt, HTTP- und REST-Standards anwendet und standardisierte Referenzdokumentationen erstellt.

https://www.heise.de/news/iX-Workshop-API-Design-und-Entwicklung-mit-HTTP-REST-und-OpenAPI-10443381.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#API #HTTP #IT #iXWorkshops #Softwareentwicklung #news

Finally, I must again share @evert 's FANTASTIC blog post on improving discoverability through the HTTP OPTIONS method.

https://evertpot.com/discovering-features-with-http-options/

#HTTP

CouchDB also seems to be a technically simple solution—although it seems more difficult to use. And it's built with erlang!

1. Automatically generating OpenAPI documentation for your web resources doesn't seem doable, but there's perhaps CouchDB's own form of API documentation.
2. HTTP OPTIONS requests are accepted although poorly documented from what I could find.

It'd be nice if CouchDB supported learning about it's API through OpenAPI documentation.

#CouchDB #HTTP #REST #OpenAPI #erlang

Implementing this in as technically simple a manner as is possible can be done using postgREST, on top of postgres and nginx.

1. OpenAPI: https://docs.postgrest.org/en/v12/references/api/openapi.html
2. HTTP OPTIONS: https://docs.postgrest.org/en/v12/references/api/options.html

#postgres #postgREST #HTTP #REST #OpenAPI

Suppose you want to publish some web resources or, in other words, make your data available on the web. Additionally, suppose you want interaction with your resources discoverable, documented, and at-least somewhat doable by machine.

Then you'd likely turn to creating an HTTP-based, RESTful API that supports all the standard CRUD operations. Firstly, you'd ensure the API is well documented using, the OpenAPI standard; secondly, you'd point to that documentation in the HTTP OPTIONS.

#HTTP #REST

https://www.alojapan.com/1297188/japanese-bundesliga-stars-draw-crowds-at-expo-2025-osaka/ Japanese Bundesliga stars draw crowds at Expo 2025 Osaka #Ajax #http #news #node #Osaka #OsakaNews #Promise #xhr #大阪 #大阪府 Japan internationals Makoto Hasebe, Tomoaki Makino give fans, media insights into illustrious careers during events at the Expo’s German Pavilion Bundesliga Legend Hasebe made 384 appearances in Germany, winning the Bundesliga with VfL Wolfsburg, as well as the DFB Pokal and UEFA Europa League with Eintracht Frankfurt Germ…

Anyone wants HTTP GET with body?
There's an HTTP QUERY proposal: https://httpwg.org/http-extensions/draft-ietf-httpbis-safe-method-w-body.html

#dev #http

HTTP/1 vs HTTP/2 vs HTTP/3 This article provides a detailed, clear-cut analysis of HTTP/1 vs HTTP/2 vs HTTP/3, focusing on how each version improves (or fails to improve) web performance, efficiency, and modern use cases.
What is HTTP?
HTTP stands for Hypertext Transfer Protocol. It’s the foundation of data communication on the World Wide Web. When you visit a website, your browser uses #HTTP to request content (like text, images, videos) ...
Continued 👉 https://blog.radwebhosting.com/http-1-vs-http-2-vs-http-3/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #quiccloud

HTTP/1 vs HTTP/2 vs HTTP/3 This article provides a detailed, clear-cut analysis of HTTP/1 vs HTTP/2 vs HTTP/3, focusing on how each version improves (or fails to improve) web performance, efficiency, and modern use cases.
What is HTTP?
HTTP stands for Hypertext Transfer Protocol. It’s the foundation of data communication on the World Wide Web. When you visit a website, your browser uses #HTTP to request content (like text, images, videos) ...
Continued 👉 https://blog.radwebhosting.com/http-1-vs-http-2-vs-http-3/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #quiccloud

A recent research has exposed more than 40 * 10³ IoT cameras happily showing their feed _and_ location to anyone who can browse and use search engines specialized in the indexing of the misconfigured devices.

More than 14 * 10³ are localised in the USA.

Read more here.

Note:
I know that there are more than a million of these cameras world wide misconfigured an open on just port 80 http not even TLS 443, with admin / admin as credentials 🪪

https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed/

#Infosec #nightmare #not #news #IoT #cameras #security #misconfigured #streaming #TLS #HTTP

URLs should be able to include HTTP verbs and headers.

They say "URLs define the "what" not the "how"" but protocol prefixes, file extensions, and query parameters are part of the how and yet they all exist in the URL.

Leaving HTTP verbs and headers out of URLs was an arbitrary decision.

#web #http #hypermedia #hateoas #webStandards #html #programming #networking

ein HTTP-Header für jede Anfrage mit dem Namen "Do-Not-Teach"

jedes Tutorial auf der Seite, was dir erstmal neue Funktionen erklären will, bevor du die Seite bedienen darfst, sollte laut Gesetz unter Androhung der Todesstrafe für den CEO ausgeblendet werden müssen, wenn der User Agent diesen Header sendet.

#wasfehlt #HTTP

Toujours bon à prendre 👍
Suivant... 😉
#security #http #header

I'm looking at a HTTP Digest bug and trying to find a definitive answer and I can't find it in the RFC.

The question is, should the hash of the request URI include query parameters?

None of the examples I can find include query params.

#HTTP #RFC #Digest #Authentication

Slides are ready! Next friday I'll show a few examples of #HTTP endpoints implemented in #Liquidsoap (the #radio script language) during its online conference - you can still register https://www.liquidsoap.info/liquidshop/5/

Missing Link: Tim Berners-Lee wird 70 – der Architekt des World Wide Webs | heise online https://www.heise.de/news/Missing-Link-Tim-Berners-Lee-wird-70-der-Architekt-des-World-Wide-Webs-10436837.html #HTML #HTTP #WWW #WorldWideWeb #TimBernersLee #SirTimBernersLee