Using indistinguishability obfuscation (iO) to deter/stop data exfiltration? [closed]
Can indistinguishability obfuscation (iO) be leveraged to deter/stop data exfiltration like what we have seen in the SolarWinds and Hafnium attacks?
In view of the Hafnium and SolarWinds hacks, where multiple zero-day vulnerabilities were used to ultimately stage the hack and data exfiltration, would the use of memory safe programming languages such as Rust to build software help to red… Continue reading A new programming paradigm (e.g., Rust) to reduce or end all zero-day vulnerabilities/exploits? [closed]
Is confidential computing/hardware-based trusted execution environment (TEE) the missing security jigsaw puzzle to counter data exfiltration?
Today, we already have data encrypted at rest and data encrypted in transit (TLS) widely adopted…. Continue reading Would confidential computing/hardware-based TEE be the missing security jigsaw puzzle to counter data exfiltration?
SCENARIO:
I successfully tried to send a request to the Burp Collaborator, so the application is vulnerable to SSRF through blind XXE. The payload I used is the following:
<?xml version="1.0" encoding="utf-8"?>
… Continue reading XXE with OOB data exfiltration
I published the following diary on isc.sans.edu: “Using API’s to Track Attackers”: For a few days, I’ve been keeping an eye on suspicious Python code posted on VT. We all know that VBA, JavaScript, PowerShell, etc. are attackers’ best friends, but Python is also a good candidate to perform malicious activities on
The post [SANS ISC] Using API’s to Track Attackers appeared first on /dev/random.
I’m reading an article from the Institute for Applied Network Security (IANS) titled "Ransomware 2.0: What It Is and What To Do About It", and there’s a piece I don’t understand. The article requires a subscription, but here’s th… Continue reading How does releasing exfiltrated data increase the chances of an attacker getting caught?
Another week, another exploit against an air-gapped computer. And this time, the attack is particularly clever and pernicious: turning a GPU into a radio transmitter.
The first part of [Mikhail Davidov] and [Baron Oldenburg]’s article is a review of some of the basics of exploring the RF emissions of computers …
Continue reading GPU Turned Into Radio Transmitter To Defeat Air-Gapped PC
I’m reading the BeyondCorp papers and trying to get a very high level idea of how it could be implemented by a small to medium organisation, rather than a behemoth like Google.
What kind of software would a managed device require? I assum… Continue reading Google approach to device security (BeyondCorp): managed devices and inference engine
There’s more than one way to get inside a company. Continue reading The Modern-Day Heist: IP Theft Techniques That Enable Attackers
Linux-based systems are vulnerable to symlink race attacks from unprivileged UID processes. For example, a PHP process can create a symlink to /etc/passwd in a directory where Apache httpd will serve it to the Internet. For e… Continue reading Protecting Linux systems from symlink attacks [migrated]