Home of Himanshu Anand

Social Media Profiles

My Personal Blog

Blog
A collection of my thoughts and research in the field of cyber security.

Blogs Published on Current and Previous Employers' Websites

Over 35,000 Websites Targeted in Full-Page Hijack Linking to a Chinese-Language Gambling Scam
Over 35,000 Websites Targeted in Full-Page Hijack Linking to a Chinese-Language Gambling Scam
Government and university websites targeted in ScriptAPI[.]dev client-side attack
Government and university websites targeted in ScriptAPI[.]dev client-side attack
The cost of false positives - how we became a target
The cost of false positives - how we became a target
Over 5,000 WordPress sites caught in WP3[.]XYZ malware attack
Over 5,000 WordPress sites caught in WP3[.]XYZ malware attack
Over 5,000 WordPress sites caught in WP3[.]XYZ malware attack
Over 5,000 WordPress sites caught in WP3[.]XYZ malware attack
New client-side attack only a proxy could stop
New client-side attack only a proxy could stop
Kuwait ecommerce site is being used to facilitate client-side skimming attacks
Kuwait ecommerce site is being used to facilitate client-side skimming attacks
New Magecart attack code revealed
New Magecart attack code revealed
New 3rd party JS script attack found: Artifyau[.]com and Quantifymy[.]com
New 3rd party JS script attack found: Artifyau[.]com and Quantifymy[.]com
Cisco client-side Magecart JavaScript attack
A detailed analysis of the magecart type attack on Cisco's merchant website.
Ticketmaster Data Breach Déjà Vu: What You Need to Know
A detailed analysis of the repeated data breaches affecting Ticketmaster.
Navigating the maze of Magecart: a cautionary tale of a Magecart impacted website
Insights into the Magecart attack vector and how to mitigate it.
How Cloudflare’s AI WAF proactively detected the Ivanti Connect Secure critical zero-day vulnerability
Discussion on how AI-driven WAF identified and mitigated a critical vulnerability.
All Cloudflare Customers Protected from Atlassian Confluence CVE-2023-22515
Discussion on how AI-driven WAF identified and mitigated a critical vulnerability.
Unmasking the top exploited vulnerabilities of 2022
Discussion top exploits in 2022 from the eye of Cloudflare.
Cloudflare observations of Confluence zero day (CVE-2022-26134)
Cloudflare observation for CVE-2022-26134.
WAF mitigations for Spring4Shell
Spring4Shell attack mitigated by Cloudflare WAF.
Vulnerable Joomla! Installation under active attack
Joompla exploit targeting websites.
One-click fraudsters extend reach by learning Chinese
Once click fraud on chinese websites infecting users to ask for money.
Facebook Scam Leads to Nuclear Exploit Kit
Facebook scam websites leading victimes to nuclear exploit kit.

Talks

Area41 2024 presentation: Public Cloud public attacks: A summary of attacks seen by Cloud Intel (Download PDF)
Blackhat Asia 2024: Malware Clustering using Unsupervised ML: CalMal (Download PDF) - Project link
VB2017 paper: The router of all evil
VB2016 paper: One-click fileless infection

Media Appearances/Interviews

Crush Your New Gig in Cybersecurity From Day One

Hackers are hijacking WordPress sites to push Windows and Mac malware

Website certificates that expire every six weeks? What IT should know

Cloudflare TV: Discussing Magecart-type attacks

Patent

Papers

Fun Projects

CalMal
- Malware clustering using unsupervised ML
Cloud Intel
- High Fidelity Threat Intel, Atomic IOCs targeting Public cloud platforms
Personal LLM
- Llama 2 based personal LLM hosted on Cloudflare Workers
Legally Blocked
- Website to track blocked websites, applications globally
UK Strike Calendar
- A Calendar created using ChatGPT and Cloudflare Workers