Posts

A detailed analysis of the CVE-2019-17570 deserialization vulnerability in the Apache XML-RPC library, including patching methods and secure implementation practices.

The 2025 KakaoPay case exposed the limits of formal consent and self-regulation. Data democracy must be achieved through AI-based DPIA verification and civic oversight.

The global security community has depended on CVE for decades without ever paying a dime. As the system nears collapse, it’s time to ask who should bear the cost of public cybersecurity infrastructure.

📂 [Confidential Document] Leaked Copy In the AI Era, Employees Are Isolated and Organizations Thrive — Evil Management Manual v1.0 1. Human Relationships? Eliminate Them What happens when people get too close? Gossip Mass resignations Solidarity and resistance ✅ Solution: Build an AI-centered communication system Automate meeting summaries, reminders, and reports Reduce human interaction → Eliminate emotional overhead “Teamwork is a cost. Efficiency comes from silent individuals.” ...

We live in an era overflowing with information and surging technology. AI mimics human speech, summarizes thought, and even predicts intent. But amidst all this, something vital is slowly being forgotten. That is: “Who thought of it first,” “Who connected it,” “Who gave it meaning.” AI processes data. But insight belongs to humans. To reinterpret the bypassing of Citrix VDI policies not as a mere technical vulnerability, but as a legal violation, a collapse of network isolation, and a real-world regulatory failure— that is not something AI can do. It is a human act of context-building and a creative synthesis of law, policy, and technical risk. ...

This article breaks down common developer security myths—responsibility deflection, overconfidence in technology, and security underestimation—and offers realistic countermeasures.

Background Public DNS services like Cloudflare (1.1.1.1) and Google (8.8.8.8) have increasingly been abused as C2 channels for malware. Technologies such as DoH (DNS over HTTPS) and ECH (Encrypted Client Hello) encrypt DNS traffic and SNI fields, making it difficult for security solutions to detect and inspect network activity. Note: ESNI (Encrypted SNI) is deprecated and has been replaced by ECH as the current standard. This guide focuses on ECH only. ...

XML-RPC Security Series: Series 1 - XML-RPC Security Vulnerabilities Analysis and Mitigation Strategies Series 2 - CVE-2019-17570: Apache XML-RPC Exploit Series 3 - Exception Serialization Patterns in OpenStack Nova: Theoretical RCE Risks and Lessons Learned Summary Overview of XML-RPC Vulnerabilities: As a lightweight remote call protocol for inter-system communication, XML-RPC is exposed to various threats such as RCE, XXE, DDoS, and privilege escalation. Notable Cases: NodeBB (CVE-2023-43187), Apache OFBiz (CVE-2020-9496), PHP XML-RPC (CVE-2005-1921), etc. Real-World Use Cases: In addition to WordPress, Bugzilla, ManageEngine, and Apache OFBiz, XML-RPC is still used in some legacy systems. Mitigation Strategies: Disabling XML-RPC, enhancing input validation, reinforcing authentication systems, applying up-to-date security patches, implementing access control, and deploying WAFs. What is XML-RPC? XML-RPC (XML Remote Procedure Call) is a remote procedure call protocol that uses XML as its data format and HTTP as its transport mechanism. Proposed jointly by Dave Winer and Microsoft in 1998, it was designed to simplify cross-platform communication. ...

Review of Citrix Security Policy Effectiveness 1. Introduction Citrix administrators apply security policies to each user’s VDI (Virtual Desktop Infrastructure) through Citrix Group Policy. However, certain structural vulnerabilities in Citrix CSE (Citrix Service Engine) and the Citrix VDI Agent allow for potential bypassing of these security policies. 2. Security Policy Bypass Bypass through Registry Manipulation A security policy bypass is possible by manipulating the registry using a race condition that occurs during the Citrix VDI Agent (PicaSvc2.exe) policy storage process. While Citrix has implemented a stealth patch to mitigate this vulnerability, it is still possible to disable security policies by adjusting registry security settings and denying write permissions. ...

KPIs Can Cause Incidents!!! - Bad metrics produce bad outcomes. Recently, I was going through old emails and found a reply from a junior colleague to a very serious email I had sent. The colleague wrote that after reading my message, they realized they had been mindlessly following instructions without deeper consideration. They promised to carefully consider the ethical implications and correctness of every task, and to proceed based on their own judgment going forward. ...