Demuxx
Demuxx
Looks like there is a typo here that could allow inadvertent whitelisting of domains like abc-im-malicious-aspnetcdn.com. https://github.com/SwiftOnSecurity/sysmon-config/blob/046c4a0ee9075e9c9c37b569eba08c30012648e0/sysmonconfig-export.xml#L933 Here also: https://github.com/SwiftOnSecurity/sysmon-config/blob/046c4a0ee9075e9c9c37b569eba08c30012648e0/sysmonconfig-export.xml#L1051
https://github.com/simontabor/2fa/blob/f42eef50f566d819a7d9ca06c36db5e4224c1ec2/lib/2FA.js#L66 The string comparison of the hotp code against the user supplied code needs to be secure against timing attacks. There are various methods to addressing this, including those in...