Using ModSecurity Rules with nginx

I wanted to make note of this page, because it was a huge help getting the ModSecurity OWASP rule set working with nginx. LinuxBabe: How to Set Up ModSecurity with Nginx on Debian/Ubuntu Then to start exempting specific pages from specific rule ID’s, you’ll using these three commands quite a bit: `tailf /var/log/modsec_audit.log``sudo nano /etc/nginx/modsec/coreruleset-3.3.4/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf``sudo […]

Scammers Using Microsoft’s Support Site

I just came across this video (posted yesterday), where scammers are leveraging Microsoft’s legitimate support site at https://support.microsoft.com/help. This was after I received a fake Microsoft support call. Unfortunately, I didn’t have a dummy VM ready to waste their time, but glad I found out about the use of Microsoft’s site. Because Microsoft uses LogMeIn, […]