Ars Technica used in malware campaign with never-before-seen obfuscation — Buried in URL was a string of characters that appeared to be random, but were actually a payload::Vimeo also used by legitimate user who posted booby-trapped content.

  • SatanicNotMessianic
    link
    fedilink
    English
    arrow-up
    11
    ·
    10 months ago

    It’s also not clear that any Ars users visited the about page.

    Are weblogs not a thing? They should be able to tell how many times that page was accessed and by whom with a single query.

    • henfredemars@infosec.pub
      link
      fedilink
      English
      arrow-up
      9
      ·
      10 months ago

      It’s complicated. It’s possible that their web server does have these logs but they might not go into the database, and when you’re a large website you might not have logs collected centrally simply because you generate so much data.