Very revealing post about Json whitespace hijacking by Stefan Grimminck which I decided to share. To summarize Json allows “insignificant whitespace” characters as the article says and this can be leveraged to smuggle code into a system. Json is literally everywhere so you can imagine the possible consequences. Luckily Yara can be leveraged and he even provides the yara file
Page 1 / 1
Thanks for sharing this possible threat and Yara to help detect it Geoff.
Nice to see Yara at work with Veeam and this vulnerability. Thanks for sharing this.
Comment
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.