Issue #18: Form Encoding, OSINT, Staging Environment Hacked
Sabah El-Khier 👋
or “Good Morning” in Arabic 😁 I hope you are still keeping it together with everything going on in this world. Apparently we are heading to a new world order mixed with wars, a climate crisis and a financial crisis, but we have to do what we can do, and do it together.
At least you weren’t hacked, like what happened to me on a staging environment that I set up, only to find out later that someone was using it for a phishing attack. More on this story later in the newsletter 👀
In This Issue
News & Articles: Rheinmetall data breach, 4chan got hacked, Japanese Web design, 70+ Tech job boards.
Poll: Were you laid off recently?
Weekly Summary:
Form Submission Encoding
Open-Source Intelligence (OSINT)
How A Hacker Used My Staging Environment for Phishing
Weekly Videos:
Reality of Cybersecurity
Design Better Than 99% of UI Designers
This week’s Summaries
Form Submission Encoding
Form submission encoding refers to the process of formatting and encoding form data before it is sent to the processing agent (such as a server). The encoding method depends on the content type specified in the form's enctype attribute.
There are two commonly used encoding types:
application/x-www-form-urlencoded
A simple format, similar to what you see in URL query parameters
It can be sent with GET or POST
Consists of key-value pairs separated by the & symbol
Can’t be used to send files
multipart/form-data
More complex, and covers all types of data that need to be sent
Can be used to send files
The encoding separates the different values with a boundary
It can be used to upload multiple files using a Content-Type of multipart/mixed, which gets its own separate boundary
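The two encodings applied to the same form, as an added example that is not from the newsletter. The field names, values and boundary string are constructed, and the file content is a plain string for readability. It also shows why values must be percent-encoded and why the boundary must not occur inside a part.

```javascript
// Constructed sample form: one value contains '&' and '=', plus one small file.
const fields = [["team", "R&D=fun"], ["lang", "en"]];
const files = [{ name: "avatar", filename: "me.txt", type: "text/plain", content: "hello" }];

// application/x-www-form-urlencoded: key=value pairs joined by '&'.
// URLSearchParams percent-encodes '&' and '=' inside keys and values.
function encodeUrlencoded(pairs) {
  return new URLSearchParams(pairs).toString();
}

// Without encoding, the value's own '&' and '=' are read as separators.
function naiveJoin(pairs) {
  return pairs.map(([k, v]) => `${k}=${v}`).join("&");
}

// Parse a urlencoded body back into [key, value] pairs, as a server would.
function parseUrlencoded(body) {
  return [...new URLSearchParams(body)];
}

// Escape characters that would break out of a quoted header parameter.
const escParam = (s) => s.replace(/"/g, "%22").replace(/\r/g, "%0D").replace(/\n/g, "%0A");

// multipart/form-data: one part per field or file, separated by the boundary.
function encodeMultipart(pairs, fileList, boundary) {
  const parts = [
    ...pairs.map(([name, value]) => ({ head: `name="${escParam(name)}"`, type: null, content: value })),
    ...fileList.map((f) => ({
      head: `name="${escParam(f.name)}"; filename="${escParam(f.filename)}"`,
      type: f.type, content: f.content })),
  ];
  let body = "";
  for (const p of parts) {
    // The boundary must never occur inside a part, or the receiver splits it early.
    if (p.content.includes(`--${boundary}`)) throw new Error("boundary collides with content");
    body += `--${boundary}\r\nContent-Disposition: form-data; ${p.head}\r\n`;
    if (p.type) body += `Content-Type: ${p.type}\r\n`;
    body += `\r\n${p.content}\r\n`;
  }
  return { contentType: `multipart/form-data; boundary=${boundary}`, body: body + `--${boundary}--\r\n` };
}

console.log(encodeUrlencoded(fields));
console.log(parseUrlencoded(naiveJoin(fields)));
console.log(encodeMultipart(fields, files, "----demo1234").body);
```

In multipart/form-data the value `R&D=fun` travels unescaped, because parts are delimited by the boundary rather than by `&` and `=`.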
Open-Source Intelligence (OSINT)
Open-source intelligence (OSINT) is the process of gathering and analyzing publicly available information to answer specific questions, mostly about a person, organization, or event. It is widely used in various fields, including cybersecurity, law enforcement, journalism, and business intelligence.
Key points about OSINT:
Sources: News articles, social media, government records, company websites, images, videos, web archives, Wikipedia, etc.
Methods: Searching, cross-referencing, analyzing, drawing conclusions, etc.
Uses: Security investigations, market research, competitive analysis, due diligence, etc.
Benefits: Cost-effective, legal, and readily available information.
Ethics: Respect copyright and privacy, and avoid spreading misinformation.
How A Hacker Used My Staging Environment for Phishing
It’s never expected when you become a victim of a hacking attack, but it all happens all of a sudden. I can say I have seen some hacks in my career and found a way to stop them.
But this one was very interesting!
Not because it was brilliant or something, but because the hacker found my staging server, which has a very weird long name including random numbers, like this one: “http://editor-1733357790….wpmt.test/”
You can read the article on my blog for the full story and learnings. The article is behind a paywall, but you can read it for free from here 😉