Collaborate Disseminate
I need to download certain files from Telegram. It is mostly images and videos. I am aware that even this kind of files can contain malicious code, so I want to be 100% safe. (The files usually surpass 20 MB, so it is not scannable through… Continue reading How to safely download files from Telegram using Sandboxie?
I have a PC with Ubuntu and Windows in dual boot. I use this PC for basic stuff: Windows for gaming, shopping and common browsing, Ubuntu to do something such as home banking.
I was thinking to create a virtual machine on Ubuntu with anoth… Continue reading Use a virtual machine to do risky stuff. How to stay as safe as possible? [duplicate]
Following on to questions like Sandbox for attachment accessment and How do I safely inspect a suspicious email attachment?.
Why don’t we sandbox email clients company-wide?
I must be missing something. Why don’t companies insist on email … Continue reading Why don’t we sandbox email clients company-wide?
I am aware of a website that I suspect is, at the very least, pulling user data from visitors and possibly performing other malicious activity on visitors. Of course, the safest course of action is to avoid this site. That said, I am a stu… Continue reading How to Safely Research a Suspected Malicious Website by Using A VM [duplicate]
The answer provided to this question by forest has a good summary explaining the types of attacks that a malicious USB can do.
Does USB redirection in a VM provide any protection against any of these attack vectors (e.g. confining an expl… Continue reading What kind of USB-based attacks can be prevented by a VM?
As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We should train developers, so they stop making these mistakes.” For many years… Continue reading Does a secure coding training platform really work?
I am writing an online judge so I need to sandbox execution of untrusted binaries for judging and for that, I am using apparmor. Here’s my current simple profile:
#include <tunables/global>
profile bin_jail {
deny /** rwkx,
}
The… Continue reading Apparmor profile for executing untrusted binaries for online judge
Im using Windows 11 Pro. It has a feature called "Windows Sandbox", which is basically a virtual machine.
If im getting a Virus inside of this sandbox, is it possible for that Virus to somehow "break free" from the virt… Continue reading Is it possible for a Virus to "leave" the Windows Sandbox (VM) and infect the host system?
I would like to use AWS Lambda to run solutions to programming problems for an online courses website. So far, I use simple eval in my lambda function. However, many posts (e.g. this and this) suggest that a comprehensive solution is neede… Continue reading The simplest measures to run short code snippets securely on AWS Lambda
Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher rewards for a Chrome full chain exploit The Chrome Vulnerability Rewards Progr… Continue reading Google triples reward for Chrome full chain exploits