Collaborate Disseminate
If I have an app that’s frequently and randomly crashing, will it impose a bigger security threat (e.g: possible attack vector) than apps that are stable? Or are both apps equally protected from such attacks by the kernel and firmware?
Of … Continue reading Do frequently crashing programs pose a bigger security threat than stable programs?
I have a question in my mind regarding the inner workings of Kerberos protocol. If the generation of the session key is somehow insecure, does this compromise the security of the Kerberos protocol?
I am thinking at the point of the Ticket … Continue reading Kerberos protocol attacks?
We develop a website in JAMStack, all URLs are static HTML page, and each interaction with the server are made by a fetch call on our REST API (micro-services).
When a user sign in, we want to proposes an option to permit them to stay conn… Continue reading Protection against user session attacks (hijack, replay, tampering, CSRF, XSS…)
What kind of attacks could a hacker with moderate knowledge who knows my public IP perform to steal my data if I don’t have open ports or port forwarding and I have a firewall on my PC and my router, antivirus and Windows 11 with isolated … Continue reading Type of attacks for steal data outside network with public ip
Does Windows 11 core isolation protect me against malware or does it have nothing to do with it? For example, an unsophisticated hacker with metasploit, nmap, msvenom or tools like that could create obfuscated malware or code that can run … Continue reading Does core isolation protect me against malware?
I am being harassed by a hacker and need to know if am being hacked. He maybe got my public IP but I have a PC and router without open ports or port forwarding. My router has a firewall, my PC has antivirus, TPM 2.0, a firewall, isolated c… Continue reading Can I be hacked with all this protection? [closed]
I have been wondering if someone is accessing my system and after doing using some basic assessment tools like netstat and event viewer, found some unusual open ports(12345) and special Logon! below is the screenshots I would really apprec… Continue reading Is someone accessing my win10 computer?
If I have a website where a user can add any string into the URL after the domain and have it return a 200 status code rather than 404, what are the security implications?
Is this something that can be exploited by hackers?
For devices that use wake words for voice assistants, like phones, smart watches, and smart speakers, the audio has to be a constant stream for these devices to compare to the properties of the wake word.
My question is do they record thes… Continue reading Do devices that listen for wake words wright the detection samples to memory, if only briefly?
I want to create a website with password login and social login (e.g. Google only.)
For password login, first I will send a verification email.
I want to prevent pre-hijacking.
For those who do not know pre-hijacking: https://msrc-blog.mic… Continue reading Pre-Hijacking Mitigation