{ "version": "https://jsonfeed.org/version/1", "title": "LAYERWEB Blog - Cybersecurity and Software Development", "home_page_url": "https://blog.layerweb.com.tr", "feed_url": "https://blog.layerweb.com.tr/feed.json", "description": "Expert content on cybersecurity, reverse engineering, software development, and security vulnerabilities.", "icon": "https://blog.layerweb.com.tr/logo-light.svg", "author": { "name": "LAYERWEB", "url": "https://blog.layerweb.com.tr" }, "items": [ { "id": "https://blog.layerweb.com.tr/posts/wireless-keyboards-mause-security", "content_html": "Critical security analysis of wireless keyboards and mice. Learn why unencrypted dongles are remote command injection tools, not peripherals. MouseJack, KeySniff attacks explained with defense strategies.", "url": "https://blog.layerweb.com.tr/posts/wireless-keyboards-mause-security", "title": "Why Wireless Keyboards, Mice & Bluetooth Dongles Must Be Encrypted", "summary": "Critical security analysis of wireless keyboards and mice. Learn why unencrypted dongles are remote command injection tools, not peripherals. MouseJack, KeySniff attacks explained with defense strategies.", "date_modified": "2025-11-16T00:00:00.000Z", "author": { "name": "LayerWeb", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Full-Stack Security" ] }, { "id": "https://blog.layerweb.com.tr/posts/cisco-router-nat-configuration-guide-for-metro-ethernet", "content_html": "Complete CCNA-level guide for configuring Cisco router as NAT gateway with Metro Ethernet connectivity and VLAN segmentation. Step-by-step configuration for enterprise network deployment with security best practices.", "url": "https://blog.layerweb.com.tr/posts/cisco-router-nat-configuration-guide-for-metro-ethernet", "title": "Cisco Router NAT Configuration Guide for Metro Ethernet with VLANs", "summary": "Complete CCNA-level guide for configuring Cisco router as NAT gateway with Metro Ethernet connectivity and VLAN segmentation. Step-by-step configuration for enterprise network deployment with security best practices.", "date_modified": "2025-11-13T00:00:00.000Z", "author": { "name": "LayerWeb", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Network Security" ] }, { "id": "https://blog.layerweb.com.tr/posts/cpanel-cgiddos-fix", "content_html": "Critical cPanel WHM defaultwebpage.cgi DDoS fix for Apache and LiteSpeed servers. Prevent Layer 7 CGI flood attacks that bypass Cloudflare. Essential server security configuration for cPanel administrators.", "url": "https://blog.layerweb.com.tr/posts/cpanel-cgiddos-fix", "title": "cPanel WHM CGI DDoS Fix - defaultwebpage.cgi Security Patch", "summary": "Critical cPanel WHM defaultwebpage.cgi DDoS fix for Apache and LiteSpeed servers. Prevent Layer 7 CGI flood attacks that bypass Cloudflare. Essential server security configuration for cPanel administrators.", "date_modified": "2025-11-09T00:00:00.000Z", "author": { "name": "LayerWeb", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Full-Stack Security" ] }, { "id": "https://blog.layerweb.com.tr/posts/mikrotik-whitelist-antiddos-configuration", "content_html": "Comprehensive guide to implementing whitelist-based DDoS protection on MikroTik RouterOS using RAW firewall rules, dynamic address lists, and intelligent traffic filtering for game servers and critical infrastructure.", "url": "https://blog.layerweb.com.tr/posts/mikrotik-whitelist-antiddos-configuration", "title": "MikroTik RouterOS Whitelist-Based Anti-DDoS Configuration Guide", "summary": "Comprehensive guide to implementing whitelist-based DDoS protection on MikroTik RouterOS using RAW firewall rules, dynamic address lists, and intelligent traffic filtering for game servers and critical infrastructure.", "date_modified": "2025-11-05T00:00:00.000Z", "author": { "name": "LAYERWEB", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Network Security" ] }, { "id": "https://blog.layerweb.com.tr/posts/hello-world", "content_html": "Welcome to the LayerWeb Security Blog - your trusted source for cutting-edge cybersecurity research, vulnerability analysis, penetration testing insights, and red team operations. Join us on our mission to make the digital world more secure.", "url": "https://blog.layerweb.com.tr/posts/hello-world", "title": "Hello World - Welcome to LayerWeb Security Blog", "summary": "Welcome to the LayerWeb Security Blog - your trusted source for cutting-edge cybersecurity research, vulnerability analysis, penetration testing insights, and red team operations. Join us on our mission to make the digital world more secure.", "date_modified": "2025-11-02T00:00:00.000Z", "author": { "name": "LayerWeb Security Team", "url": "https://blog.layerweb.com.tr" }, "tags": [ "General" ] }, { "id": "https://blog.layerweb.com.tr/vuln/cve2023-44487-Raid-Reset-DDoS-HTTP2vuln", "content_html": "A remote unauthenticated attacker can exploit the HTTP/2 Rapid Reset vulnerability to perform a high-impact denial-of-service attack by rapidly opening and resetting streams, exhausting server resources.", "url": "https://blog.layerweb.com.tr/vuln/cve2023-44487-Raid-Reset-DDoS-HTTP2vuln", "title": "CVE-2023-44487 - HTTP/2 Rapid Reset Denial of Service", "summary": "A remote unauthenticated attacker can exploit the HTTP/2 Rapid Reset vulnerability to perform a high-impact denial-of-service attack by rapidly opening and resetting streams, exhausting server resources.", "date_modified": "2025-09-16T00:00:00.000Z", "author": { "name": "Layerweb Security Teams", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Vulnerabilities" ] }, { "id": "https://blog.layerweb.com.tr/vuln/cve2025-41228-vmwarevcenterXSS", "content_html": "Reflected XSS in VMware vSphere Client 8.0.3.0 via unsanitized query string on /folder endpoint.", "url": "https://blog.layerweb.com.tr/vuln/cve2025-41228-vmwarevcenterXSS", "title": "CVE-2025-41228 - VMware vSphere Client 8.0.3.0 XSS", "summary": "Reflected XSS in VMware vSphere Client 8.0.3.0 via unsanitized query string on /folder endpoint.", "date_modified": "2025-08-11T00:00:00.000Z", "author": { "name": "Imraan Khan (Lich-Sec)", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Vulnerabilities" ] }, { "id": "https://blog.layerweb.com.tr/vuln/cve2023-43320-ProxmoxTOTPBrute", "content_html": "Defensive advisory and mitigation guidance for reported Proxmox VE TOTP brute-force activity. PoC code omitted for safety.", "url": "https://blog.layerweb.com.tr/vuln/cve2023-43320-ProxmoxTOTPBrute", "title": "CVE-2023-43320 Proxmox VE - TOTP Brute Force", "summary": "Defensive advisory and mitigation guidance for reported Proxmox VE TOTP brute-force activity. PoC code omitted for safety.", "date_modified": "2024-01-31T00:00:00.000Z", "author": { "name": "Cory Cline, Gabe Rust (original); Prepared by: LAYERWEB Security Team", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Vulnerabilities" ] }, { "id": "https://blog.layerweb.com.tr/vuln/cve2023-6553-Wordpress-Backup-Migration-RCE", "content_html": "Unauthenticated remote code execution in WordPress Backup Migration plugin (≤1.3.7) via PHP filter chain injection through Content-Dir header manipulation. Critical web application vulnerability enabling complete server compromise.", "url": "https://blog.layerweb.com.tr/vuln/cve2023-6553-Wordpress-Backup-Migration-RCE", "title": "CVE-2023-6553 - WordPress Backup Migration Plugin Remote Code Execution", "summary": "Unauthenticated remote code execution in WordPress Backup Migration plugin (≤1.3.7) via PHP filter chain injection through Content-Dir header manipulation. Critical web application vulnerability enabling complete server compromise.", "date_modified": "2023-12-11T00:00:00.000Z", "author": { "name": "Prepared by: LAYERWEB Security Team", "url": "https://blog.layerweb.com.tr" }, "tags": [ "Vulnerabilities" ] } ] }