👋 Hi there! I’m thrilled to have you here on my corner of the internet.
Allow me to take you on a journey through the realms of technology, security, and Free and Open Source Software (FOSS).
This blog is a personal exploration of the topics that fascinate me. It’s a place where I can document my journey, share my knowledge, and reflect on the ever-evolving landscape of technology and security. While I enjoy engaging with readers, my primary goal is to offer well-researched, insightful content that can serve as a resource for anyone interested in these fields.
Whether you’re a fellow tech enthusiast, a curious learner, or someone who enjoys the occasional deep dive into the world of technology, I’m glad you’re here, and I hope you enjoy reading as much as I enjoy writing. Let’s embark on this tech journey together, one post at a time!
Session Hijacking 2.0: Emerging Threats and Defenses
Introduction In today’s rapidly evolving cybersecurity landscape, attackers have found new ways to bypass multi-factor authentication (MFA) and compromise user sessions through tactics such as session hijacking and infostealer malware. These techniques pose significant risks to organizations and users, even those who have deployed MFA solutions to secure their systems. ...
Exploring Wazuh
Wazuh is an open-source cybersecurity platform that combines Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) to deliver comprehensive protection across endpoints, cloud workloads, and network devices. Its integrated approach allows organizations to monitor, detect, and respond to threats in real time, leveraging a flexible, scalable solution without licensing fees. Wazuh’s Community and Ecosystem One of Wazuh’s major strengths is its vibrant community and ecosystem, which contribute to its continuous improvement and growth....
CVE-2024-3596: Blast-RADIUS Vulnerability a Major Threat to RADIUS Authentication Protocol
Overview A critical security flaw, CVE-2024-3596, was recently discovered in the RADIUS (Remote Authentication Dial-In User Service) authentication protocol. This vulnerability, dubbed Blast-RADIUS, poses a serious threat to organizations relying on RADIUS for network authentication and access control. Researchers have demonstrated how attackers could exploit the vulnerability to bypass authentication mechanisms, highlighting the risks in environments using non-EAP (Extensible Authentication Protocol) methods over UDP. Vulnerability Details CVE ID: CVE-2024-3596 Description: The Blast-RADIUS attack allows an adversary to perform a Man-in-the-Middle (MITM) attack on RADIUS authentication....
CVE-2024-43491: Microsoft Windows Update Zero-Day Exploit
Overview CVE-2024-43491 is a critical zero-day vulnerability discovered in Microsoft’s Windows Update system, which allows attackers to reverse previously applied security updates. This vulnerability, actively exploited in the wild, enables a form of “downgrade attack”, effectively nullifying security patches and exposing systems to older vulnerabilities. The flaw was first disclosed by Microsoft in September 2024, after being flagged as a critical issue with a CVSS severity score of 9.8/10, one of the highest possible ratings for a security flaw....
Ongoing Criticism of the EUCS: France's Role in European Cybersecurity Under Scrutiny
The EUCS Under Fire: France’s Concerns Over Cybersecurity Sovereignty The European Cybersecurity Certification Scheme (EUCS) has been the subject of increasing criticism, especially from France, where concerns over digital sovereignty and the role of U.S. cloud service providers dominate discussions. French authorities and experts fear that the EUCS, while aimed at bolstering European cybersecurity, may allow foreign tech giants to maintain dominance in Europe’s critical infrastructure, undermining efforts to develop local, sovereign cloud solutions....