Collaborate Disseminate
Are attackers able to break out of Google Chrome’s sandbox using Nvidia GPU driver exploit and then execute code on a victim’s PC using publicly available tools like metasploit or equivalent?
Continue reading Currently, can attackers exploit Nvidia GPU drivers through web browser? [on hold]
I signed up at what I thought was a legit website and the confirmation email said I should verify by clicking a link like this:
http://justdropped.com/next.cgi?file=verify.nrml
Which I thought was sketchy as all getout, and… Continue reading What is an .nrml file extension?
Amnesty International, which was sent the Pegasus spyware via a WhatsApp message, is seeking to stop NSO Group’s “web of surveillance.” Continue reading Amnesty sues maker of Pegasus, the spyware let in by WhatsApp zero day
I have been working on Wireshark lately. I am learning about malware behavior, but I am curious to know whether methods exist to detect malware download (via drive-by download) on systems.
Anti-virus program catch them, but… Continue reading Can I detect malware download using Wireshark?
I clicked a link from a fake Twitch streamer and now I’m scared of being spied on. I typed my account details but didn’t actually sent them because I realized it was a fake link right before clicking enter.
Am I at risk fro… Continue reading Accidentally clicked a phishing link, am I at risk?
Microsoft has released an unscheduled patch for a remote code execution vulnerability in Internet Explorer that is actively exploited by attackers. Microsoft releases security updates on the second Tuesday of every month—known in the industry as Patch… Continue reading Emergency Patch for Zero-Day Vulnerability in Internet Explorer
Android at times seems like a bag with many leaks. Data leaks out by many paths, and external influences can change the phone all too easily e.g. drive-by attacks and downloads, no way to apply security updates, and baseband … Continue reading Have you given up on Android due to security issues? [on hold]
We don’t really know the pain and cost of a downtime event unless we are directly touched.
Be it a flood, electrical failure, ransomware attack or other broad geographic events; we don’t know what it is really like to have to restore IT infrastructure… Continue reading How A Drive-by Download Attack Locked Down Entire City for 4 Days
I am trying to do some buffer overflow attacks from kali to windows and there is one s/w “SLmail 5.5” which has buffer overflow vuln. But I cannot find it in torrent or google search to download slmail. everywhere I can only … Continue reading Where can I find SLmail 5.5 to download? [on hold]
Related: Is the Web browser status bar always trustable?
How can Google search change the location in a URL tooltip?
I’ve always thought you can “hover” over a link to see where it really goes, until today.
A coworker (wor… Continue reading How did "tech-supportcenter" phishers trick Google?