Security - 🟧Heystack
Attacking Secondary Contexts in Web Applications
Security considerations when using modern routing technologies for web servers by Sam Curry
Spreadsheet listing all known as well as unidentified ransomwhare plus detection and prevention guides.
Polynetwork and Hacker Communicate
On the 10th of August 2021, the decentralized finance (defi) project Poly Network suffered a loss of over $600 million in various tokens due to smart contract bug. Exploiter has communicated with Poly team via blockchain messages and returned some of the funds. This sheets keeps track of the communication and the transfers.
APT Groups and Operations
Cyber security companies and Antivirus vendors use different names for the same threat actors and often refer to the reports and group names of each other. However, it is a difficult task to keep track of the different names and naming schemes. I wanted to create a reference that answers questions like "I read a report about the 'Tsar Team', is there another name for that group?" or "Attackers used 'China Chopper' webshell, which of the APT groups did use that shell too?" or "Did he just say 'NetTraveler'? So, does he talk about Chinese or Russian attackers?"
Bsides Ahmedabad - Dark side of DeFi
A presentation about smart contract miss-use and how to protect yourself in this space.
Digital Communications Protocols
Information about features, functions and other data of all sorts of communication platforms (chat, etc.)
Crypto Best Security Practices ⚠️
Now that the NFT bull run is back it's important to make sure your assets are secure. Here is a 17 page document that covers the basics. Thought this might save a life or two. Enjoy and stay safe, friends!