CENSUS IT Security Works
  • BLOG
  • ADVISORIES
  • CAREERS
  • INDUSTRIES
  • SERVICES
  • NEWS
  • LABS
  • COMPANY
  • CONTACT
Articles with tag: Sfadiff
POSTED BY: Ioannis Stais / 03.11.2017

An introduction to the LightBulb Framework

This blog post serves as a followup to my summer B-Sides Athens 2017 talk entitled “Lightbulb framework – shedding light on the dark side of WAFs and Filters”.

    Tags:
  • machine learning
  • GOFA
  • SFADiff
  • lightbulb framework
  • web application firewall
  • web application filter
  • evasion
  • burp plugin
  • bsides athens
  • penetration testing
  • automata learning

Read more...


LATEST ADVISORIES

  • Weak SVG asset filtering mechanism in Squidex
  • Race condition in key creation and key rotation exposes private keys of Tang server
  • Reflected XSS vulnerabilities in Squidex "/squid.svg" endpoint
  • Multiple vulnerabilities in Snipe-IT
  • Multiple vulnerabilities in radare2

JOB OPENINGS

  • Technical Lead - Embedded Systems Security
  • Technical Lead - Application Security
  • Technical Project Manager - Embedded Systems Security
  • Technical Project Manager - Application Security
  • Senior Embedded Systems Security Engineer
  • Senior Application Security Engineer
  • Senior Cloud Security Engineer
  • Embedded Systems Security Engineer
  • Application Security Engineer
  • Vulnerability Researcher
  • IT Security Professional Internship
  • Vulnerability Researcher Internship

IN THE NEWS

  • New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely (The Hacker News, Riscure Security Highlights)
  • Mayo Clinic lists CENSUS in recommended external assessors list (announcement)
  • Microsoft Turns Off Wi-Fi Sense After Risk Revealed (BANK INFO SECURITY)
  • NBG Business Seeds Partnership with CENSUS (National Bank of Greece, ERT, FORTUNE Greece)
  • Security By Design (NETWEEK, in greek)
  • Wifiphisher: Automating Phishing Attacks Against WiFi Networks (Tripwire)
  • DEFCON 22: Hacking Airports, Airplanes and Airwaves (Tripwire - Internet Archive)
Company News
  • 18⁰ IT Directors Forum
  • DSEI 2023
  • DEFEA 2023
Advisories
  • Weak SVG asset filtering mechanism in Squidex
  • Race condition in key creation and key rotation exposes private keys of Tang server
  • Reflected XSS vulnerabilities in Squidex "/squid.svg" endpoint
Blog
  • Introducing Janus: a hierarchical multi-blockchain access control system for policy based access to shared resources
  • Securing the building blocks of embedded software
  • Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
  • Privacy Policy
  • Terms of Use
  • RSS
Copyright © 2008 - 2023 CENSUS S.A. All rights reserved. Powered by d4digital / Designed by B612 Design Office