threat-mitigation – Page 8 – WindowsTechs.com

Operation Prowli Malware Infects Over 40,000 Machines

Posted on June 10, 2018 by Sayan

Seems a new malware infection has been detected called ‘Operation Prowli Malware’ and around 40,000 machines are infected.

Still no CVE data updated on CVE site regarding the relevant vulnerability.

Anyone knows the impact… Continue reading Operation Prowli Malware Infects Over 40,000 Machines→

What is the quick fix for CSRF attack?

Posted on May 10, 2018 by Shanky

The application is constructed in Java language and JSF framework. I have reported a CSRF attack and the development team have to fix it soon since the application is in production.

I recommended to use CSRF tokens but the d… Continue reading What is the quick fix for CSRF attack?→

What are the security risks of running a daemon as root even though SELinux is enforcing?

Posted on April 22, 2018 by sob

On an board running Linux I see a daemon and an utility run under root when started. The SELinux is enforcing for this system.

Are there any potential threats of running as root, even if the SELinux policies are quite well written and str… Continue reading What are the security risks of running a daemon as root even though SELinux is enforcing?→

Is Cross Site History Manipulation (XSHM) still relevant?

Posted on February 19, 2018 by Shurmajee

XSHM is a vulnerability which exploits the fact that the browser history object does not follow the Same Origin Policy and hence by tracking the changes made to this object we may be able to track a user’s activities.

Most of the online … Continue reading Is Cross Site History Manipulation (XSHM) still relevant?→

Can an iPhone be remotely compromised if no local passcode is set? [on hold]

Posted on February 5, 2018 by Red2

I have an infected iPhone that transmits data to a few nodes running ToR.

I want to understand how it was compromised, and how it is posting information to a specific onion site.

I speculate it’s a malicious library livin… Continue reading Can an iPhone be remotely compromised if no local passcode is set? [on hold]→

Is using cat -v an appropriate way to sanitize untrusted text?

Posted on December 21, 2017 by forest

It is well known that a terminal tends to trust things which are printed to it through stdout/stderr, making outputting attacker-controlled data to the terminal a risky action. Is using cat -v an effective way to sanitize unt… Continue reading Is using cat -v an appropriate way to sanitize untrusted text?→

Is public Wi-Fi a threat nowadays?

Posted on December 4, 2017 by yzT

In my opinion, arguments we have been using for years to say that public Wi-Fi access points are insecure are no longer valid, and so are the recommended remedies (e.g. use VPN).

Nowadays, most sites use HTTPS and set HSTS headers, so the… Continue reading Is public Wi-Fi a threat nowadays?→

How do I secure my home Wi-Fi network in light of KRACK? [duplicate]

Posted on October 20, 2017 by Jonathan

This question already has an answer here:

To sufficiently protect against KRACK is patching the client, the AP, or both, required?

8 answers

… Continue reading How do I secure my home Wi-Fi network in light of KRACK? [duplicate]→

Resources: Exploit Guard; Threat Mitigation; Cloud Privacy; User Identities; Office 365 Cheat Sheet

Posted on September 5, 2017 by Windows IT Pro

Catching you up on several resources from Microsoft that are targeted at IT Pros and System Admins.

Excluding VS folder from real-time antivirus

Posted on July 25, 2017 by Nate Diamond

Visual Studio has had a long documented history of issues with antivirus. When building, it tends to read and write many files, of which our antivirus in general wants to scan all of them. This slows down the build process ma… Continue reading Excluding VS folder from real-time antivirus→