This blog will describe how account takeovers (ATO) can be executed against APIs using GET methods, as opposed to POST. It’s an excellent example of how bad actors will analyze an application to uncover potential attack vectors. A Brief Primer on GET and POST The GET method allows you to ... Read More
- USENIX Security ’23 - Dawei Wang, Ying Li, Zhiyu Zhang, Kai Chen - CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing
- Conti Ransomware Gang's Russia-Based Music Album Labels and Plastika Recording Studio - An OSINT Analysis
- Why Do We Need Endpoint Security in 2024?
- The Problem is the People, but Which People?
- Announcing the Smart SOAR Documentation Site