Collaborate Disseminate
I have recently started getting the occasional spam mail after not having this problem for several years. As far as I know spammers typically obtain mail addresses via data breaches or by crawling the web for mail addresses carelessly made… Continue reading How do spammers crawl the web for mail addresses?
I’m interested in how I can secure my IoT devices from hackers. Particularly, I have a Xiaomi hub and a range of child devices for it. Also, how to secure devices that communicate using the Zigbee protocol.
I’m looking for some advanced ti… Continue reading How to secure smart home devices?
I’ve noticed some strange behaviour on my home laptop (eg never sleeps even though configured to do so, and starts running flat out when it’s been idle for a while) and am wondering whether it is infected with a root kit. Why do I think r… Continue reading How can I tell if my laptop has a root kit installed?
I am using GnuPG. When gpg encrypt is called from the command line, how is a key chosen to do the encryption? It appears to me that -r, or –recipient, supplies a user id and that is the simple answer. I believe all of the ex… Continue reading When gpg encrypt is called from the command line, how is a key chosen to do the encryption?
I’ve recently received 2 spam SMS messages, claiming to be from 2 different organizations, but (obviously) not sent by them.
However, all of the contact details in the SMS match the real details of the organizations in quest… Continue reading What are spammers trying to acheive who only provide the correct contact information in their spam? [on hold]
We have a web application, where other partners can include their pages as iframes. We implemented a server-to-server way of authenticating users for the iframes, but one partner doesn’t want to implement it.
The bad thing i… Continue reading preventing cross iframe key logging in javascript
My business partner and I are building a webapplication. We have partnered with some third party services which make use of API (public and secret) keys.
The freelance developer we worked with required the keys to implement these services… Continue reading How to securely share sensitive info (such as API keys) with freelancers?
I want to generate a wordlist of usernames that would suit the following cases:
Can be combined from several words depending on the case: “name”, “name + surname”, “name + surname + DOB”.
Username can contain special chara… Continue reading Generate wordlist of usernames for OSINT
Since apps on iOS can access the clipboard should I worry about it when copying passwords from the keychain?
I do that when AutoFill feature doesn’t work so I would not have to manually retype complicated passwords.
Continue reading Is copying passwords to iOS clipboard secure?
I received an email with the subject “Your invoice from Apple #xxxxx”.
It then continues by: “[…] your payment from “Pokemon Go was accepted […]”. That line made me sceptical. I just downloaded the app recently. How could the scammer k… Continue reading How could a scammer know the apps on my phone / iTunes account?