DDoS攻撃をちゃんと理解したい人のための入門と設計整理メモ
https://qiita.com/omochi_0604/items/4c763e704073103d0550?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Network #Security #waf #CDN #DDoS

🎉 We are one week away from our CrowdSec Community Office Hours!

This month’s focus will be on the CrowdSec #WAF, a free and easy-to-deploy solution designed to protect against web-based attacks thanks to advanced behavior detection.

📅 Join us on June 26th at 6 PM CEST / 12 PM EST. 👉 https://app.livestorm.co/crowdsec/crowdsec-community-office-hours-june-session

#WAF #webapplicationfirewall #cybersecurity #infosec #webinar

WAF по вызову: как файрволл веб-приложений защитит от SMS-бомбинга

От чего защищает WAF (Web application firewall)? Самый очевидный ответ – от взлома веб-приложения. Однако не все веб-атаки предполагают эксплуатацию уязвимостей - иногда злоумышленники совершают и легитимные технически корректные действия, которые могут навредить организации. Так один из наших клиентов столкнулся с проблемой SMS-бомбинга. Для массовой рассылки SMS киберпреступники использовали открытый API. Решить проблему удалось с помощью WAF. Какие настройки для этого потребовались – расскажем в этой статье.

https://habr.com/ru/companies/webmonitorx/articles/918834/

#вебатаки #waf #web_application_firewall #sms_api #злоупотребления #верификация_пользователей

Rethinking Regex: Smarter detection for a modern threat landscape

Using regular expressions, or regex, was once a convenient and powerful way for web application firewalls (WAFs) to find malicious code in web requests.

🛡️ https://www.scworld.com/resource/rethinking-regex-smarter-detection-for-a-modern-threat-landscape

#regex #thread #firewall #code #web #itsec #request #webapp #threat #waf #itsecurity #websecurity

🚨 Urgent Hiring – Application Protection Trainer! 🚨
Remote | Experience : 10+ years | Duration: Project-Based

📩 Email: amritk1@overturerede.com 📞 Call/WhatsApp: 9289118667

#UrgentHiring #ApplicationSecurity #OWASP #SecureCoding #DevSecOps #WAF #RASP #ThreatModeling

🎉 Join us for the CrowdSec June Community Office Hours!

🔎 This month’s focus: The CrowdSec WAF
📅 June 26th at 6 PM CEST

Come chat about CrowdSec, learn about the latest updates, or just hang out with the community. Everyone’s welcome!

📌 Register: https://app.livestorm.co/crowdsec/crowdsec-community-office-hours-june-session

#webinar #community #WAF #cybersecurity

I played around with #BunnyShield by #BunnyNet and collected three things I'd love to see getting enhanced:

🔗 https://www.janbrennenstuhl.eu/bunny-shield-review/

#WebSecurity #WAF #Observability #BotManagement

How to Manually Install SafeLine WAF

https://fed.brid.gy/r/https://forem.com/carrie_luo1/how-to-manually-install-safeline-waf-44ko

You would like to improve the security, speed and reliability of your website even more? 🔐📈 No problem, Cloudflare makes it all possible. You benefit from reliable DDoS protection against volumetric attacks and attacks via the application layer on layers 3, 4 and 7. 🔢 So don't wait, protect and improve your web presence: Here https://nine.ch/products/cloudflare/ you will find everything you need to optimize your website with more protection and increased performance. 👈 #cloudflare #waf #cdn #ddos #nine

Are you attending #OpenWAFDay in Barcelona? 🇪🇸
Join us tomorrow at 9:15 AM for a talk on CrowdSec & Coraza: crowdsourcing a WAF! ✨

We'll dive into integrating Coraza into CrowdSec, the benefits, and how crowdsourced data helps detect attacks.

We can’t wait to see you there! 👋

📍 Details: https://owasp2025globalappseceu.sched.com/event/1zCJN

@appseceu #WAF #opensource #cybersecurity #infosec #event

West African Resources ( #WAF ) has released " West African hits 44m at 25.8 g/t gold below reserves at M1S " on Thu 22 May at 08:17 AEST #today #government #Mining #Gold #Australia
https://grafa.com/asset/west-african-resources-ltd-10771-waf.asx?utm_source=asxmktsensitive&utm_medium=mastodon&utm_campaign=waf.asx

Wyciek tytułów szkiców i prywatnych wpisów w silniku WordPress

Badacze z firmy Imperva odkryli i opisali interesującą podatność w popularnym silniku blogowym WordPress. Luka umożliwia osobom postronnym poznanie tytułów prywatnych wpisów oraz szkiców. Na pierwszy rzut oka nie brzmi dramatycznie, bo dotyczy tylko tytułów, ale w niektórych sytuacjach już samo przedwczesne ujawnienie tytułu może mieć poważne konsekwencje. Jako przykład podawane są tu wpisy...

#WBiegu #Cms #Podatność #Szkice #Waf #Wordpress #Wyciek

https://sekurak.pl/wyciek-tytulow-szkicow-i-prywatnych-wpisow-w-silniku-wordpress/

Looking for ideas here:
https://lm.madiator.cloud/post/970866

#selfhosting #reverseproxy #websecurity #waf #networkmonitoring #docker #homelab

CDKでWAFのアクセスログをS3に保存する方法
https://dev.classmethod.jp/articles/cdk-waf-logs-s3-storage/

#dev_classmethod #CDK #WAF #Amazon_Data_Firehose #Amazon_S3

Migrating your enterprise website to a new hosting provider with zero downtime and full support? What sounds like a dream can be your reality! 🥳

Discover how we did just this for Renesas and learn how, with the right preparation, communication, team skills, and custom solutions, a platform migration can be a strategic business opportunity! 💪

ℹ️ https://www.amazee.io/case-study/migrating-the-renesas-enterprise-hosting-platform

#WebsiteMigration #OpenSource #WAF #Drupal10 #Lagoon

Strengthen your Kubernetes security and receive a certification of completion! 

🎓 The latest course from the CrowdSec Academy focuses on deploying CrowdSec in Kubernetes. This hands-on course will teach you how to preemptively secure your cluster by detecting and blocking malicious activity in real time. 

Get started now: https://academy.crowdsec.net/course/deploying-crowdsec-in-kubernetes

#Kubernetes #DevSecOps #cybersecurity #WAF

West African Resources ( #WAF ) has released " WAF commences mining and crushing at Kiaka " on Tue 13 May at 08:19 AEST #government #Mining #Gold #live #ASX
https://grafa.com/asset/west-african-resources-ltd-10771-waf.asx?utm_source=asxmktsensitive&utm_medium=mastodon&utm_campaign=waf.asx

@lukeshu So I guess #Anubis has an explicit exception to handle #Lynx and will instead rely on rate-limits and other static means to detect #scrapers and handle with #UserAgent #abuse cases, like #fail2ban-style autobanning of violating IPs...

• This makes sense for a #WAF like Anubis and would've been the only viable option I'm aware of.

I wounder if anyone has tried using Anubis on @torproject / #Tor to protect #OnionService|s since that would be a reasonable application for it as well.

🚨 Radware Cloud WAF flaws let attackers bypass filters. Learn about CVE-2024-56523 & 56524 and secure your systems now.

#SecurityLand #CyberWatch #SecurityVulnerability #CVE #Radware #Cloud #WAF

Read More: https://www.security.land/critical-security-flaws-in-radware-cloud-waf-risk-filter-bypass-patch-now/