Arcsecond.io’s Post

⚠️Medium Risk Vulnerability Alert⚠️: CVE-2024-34695 WOWS Karma is a reputation system for Wargaming's World of Warships. A user is able to click multiple times on "create" on a post creation prompt before the modal closes, which triggers sending several post creation API requests at once. Due to timing, sending multiple posts simultaneously requests bypasses the cooldown validation, however are not refreshing a user's metrics more than once, due to concurrent karma updates. CVSSv3.1 Base Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) #wow #apisecurity #owasp https://lnkd.in/dxR86Qrv

Wanted to share my recent participation in Aliens CTF organized by CyberAliens securing the 16th place out of 49. many more to come in the future CTFs 🚩 (note: dynamic jeopardy CTF)

In this video, I will demonstrate how to use Netcraft services for passive reconnaissance and information gathering. This is part one of our series, and we'll focus on tools other than the WHOIS protocol. Netcraft offers a range of services that help gather information about internet resources, such as domain names, IP addresses, and more, providing valuable insights for your reconnaissance efforts. and Wappalyzer tool #PenetrationTesting#OSINT https://lnkd.in/dbXH8Pqm

For SHA-3, NIST published the new standard, based on Keccak, on 5 August 2015, and which beat off competition from BLAKE (Aumasson et al.), Grøstl (Knudsen et al), JH (Hongjun Wu), and Skein (Schneier et al.). After two rounds, the final round evaluated of security, performance and hardware space. For performance, BLAKE3 basically wipes the floor its previous version (BLAKE2b), and which was already faster than SHA-3. It gives the equilavent of 128 bits of security. At its core is the Bao tree mode and the original BLAKE2 method, and it has been created by Jack O’Connor, Jean-Philippe Aumasson, Samuel Neves, and Zooko Wilcox-O’Hearn. https://lnkd.in/edBQucKj

Come find ThreatConnect and Polarity doing lobbycon at #SAINTCON! Find the beard and get a demo of our nextgen IR - SOC - Threat hunt - CTI use cases!

Are you at AISA CyberCon in Canberra? Say hi to Frank Yoo and Cindy H. and ask them your most challenging cloud security question.

Excited to delve into the top 15 best cards of Fallout! These powerful cards are vital for strategy and deck synergy. Highlighting the honorable mention card, Diamond City, with its shield counter ability and strategic significance in protecting commanders. Moving on to the 15th best card, Overencumbered, which creates tokens and impedes attacks based on artifact count, making it formidable against artifact-heavy opponents. Mutational Advantage grants hex proof and indestructible to creatures with counters, along with allowing proliferate. Nipton Lottery, a Rakdos card, acts as a board wipe by gaining control of a creature randomly. Screeching Scorch Beast generates zombie creature tokens when non-land cards are milled, which synergizes well with Cyber Controller deck. The top 3 cards include Rad Storm, enabling proliferate combos, Struggle for Project Purity providing beneficial card draw synergy, and Vats, a powerful one-sided board wipe with split second ability to prevent responses. Alpha Deathclaw, Nuclear Fallout, and torment of hellfire, along with the commander’s prowess, serve as effective win conditions. These cards offer deck synergy and strategic advantages in Fallout, making them crucial for any formidable deck. Your thoughts and favorite card? Let's discuss! Share your thoughts on these Fallout cards. What are your favorites and how do they fit into your deck strategy? #mtg #magicthegathering #fallout #top15 #bestcards

#NewCyberLab #MITRE MITRE | ATT&CK - Defense-Evasion - Masquerading In this lab we will be covering the following MITRE ATT&CK Techniques: - T1036.003: Masquerading Rename System Utilities - T1036.004: Masquerading Masquerade Task or Service - T1036.005: Masquerading Match Legitimate Name or Location #T1036003 #T1036004 #T1036005 #mitre #Masquerading #DefenseEvasion

🌟 Exciting News! Introducing GoMechanic Protect+ 🚗💼 Partnered with top global insurers, GoMechanic Protect+ is here to revolutionize your car repair experience. Say goodbye to worries about unexpected repair bills. With us, Your Car is not Just Insured, It's Assured. Join the movement of stress-free car ownership today! 🌍🚘 #GoMechanicProtectPlus #CarCareRevolution #DriveWithConfidence

📢 Here is the mandatory Contrast Security at #BlackHat post 😃 Learn about #applicationsecurity. 🔎 Why it should be a priority in your program and how we can help #bridgethegap in communication between #DevOps and #AppSec. ☎ Help secure your applications from the build stage to production without slowing down your team. 🙉 Reduce noise, alert fatigue and chasing down false positives by observing the apps in real time. 🧐 Provide additional context to developers as well as block attacks in production environments. Ask about our #workshops ! 📚