What’s going on with certificate revocation?
Does X.509 certificate revocation work as intended, or even work at all?
Tag: security
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Resurrection of injection attacks
Guest Post: DNS transparency is a gaping hole in Internet security.
Authentication and authorization using SSO
Guest Post: How to use single sign-on to benefit technology selection and deployment.
Securing an RDAP service with OpenID Connect and Keycloak
Guest Post: How integration with OpenID Connect secured the RDAP service of ccTLD .it.
Why are authentication and authorization so difficult?
Guest Post: Where to begin when you’re tasked with selecting a strong authentication solution for your organization.
Stopping DNS-based DDoS attacks in their tracks
Guest Post: Researchers propose a mechanism for DNS servers to independently determine a client’s preferred protocol.
Source Address Validation: Use cases and gap analysis
Guest Post: Learn how Source Address Validation helps mitigate source address spoofing and what the IETF is doing to make it better.
Update your patch management this new year
Guest Post: Reviewing and patching for past vulnerabilities can help to plan for and mitigate future attacks.