A significant event occurred on the mod-security-users mailing list in July: a large code contribution was made by Daniel Fernndez Bleda and Carles Bonamusa Prez from Internet Security Auditors. The patch, made against ModSecurity 1.9.4, adds cookie and link protection using hashing and encryption. The patch is now available for download from the ModSecurity web site. Please note that the code is not yet production ready and that you should use it for testing purposes only. I expect to merge this code into the official code base soon (targeting the next stable release after 2.0.0).
Blogs & Stories
SpiderLabs Blog
Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
Recent SpiderLabs Blog Posts
Jan 12, 2021
Patch Tuesday, January 2021
Jan 11, 2021
Microsoft Teams and Skype Logging Privacy Issue
Jan 06, 2021