Collaborate Disseminate
The BBC reports that the image Boris Johson posted on Twitter to congratulate Joe Biden contains traces of the text "Trump" in the background. The BBC article links to a Guido Fawkes’ article, and when I download the tweet’s JPEG… Continue reading What aspects of image preparation workflows can lead to accidents like Boris Johnson’s No. 10 tweet’s ‘hidden message’?
I’m new to cybersecurity. I am participating in the cybersec challenge.
I have an image to analyze. This image is small but super heavy. I thought that there was a message hidden behind but all my attempts at steganography have been unsucc… Continue reading What can a jpg with a small width and height hide? [duplicate]
I received a message from a friend with a link. I never clicked it, but the thumbnail image shown pretended to be an image preview for a YouTube video. Some of her other friends clicked it and it took them to a fake Facebook page where it … Continue reading Are preview thumbnails for links a risk?
There are many ways to update an embedded system in the field. Images can fly through the air one a time, travel by sneaker or hitch a ride on other passing data. OK, maybe that’s a stretch, but there are certainly a plethora of ways to get those sweet update …read more
Do commercial AV suites examine image files (pictures) for potential malware that might be imbedded via steganography? Is this a concern for most?
I deal with a lot of imagery data and am wondering what the risk of exposure is.
Is this a good idea to make the following text message encryption:
accept text from the user 1
store the text into a document in the form of some handwritten font
convert the document into an image
apply noise to the image
encrypt the ima… Continue reading Encrypt Text Message as Image
Performing over-the-air updates of devices in the field can be a tricky business. Reliability and recovery is of course key, but even getting the right bits to the right storage sectors can be a challenge. Recently I’ve been working on a project which called for the design of a new …read more
A JSON response in the API of a webapp is returning the base64 of a user-uploaded image, and there’s no X-Content-Type-Options Header to prevent MIME sniffing.
Could this be a potential vulnerability such as an XSS for the webapp by using … Continue reading Potential vulnerability in JSON response returning base 64 encoded image data, with the response being vulnerable to MIME sniffing
I am currently studying regarding SSRF. I noticed that an injection vector where SSRF might be present is always parameters that is related to url (Importing image using URL, others). I have encountered a couple of endpoints where request … Continue reading SSRF Through Image Url
For example, if someone uploads a malicious image on website like Instagram or Facebook, and then hundreds of people viewed this image, wouldn’t that be an easy way to infect the devices of hundreds or thousands of people? If so, why do pe… Continue reading If malware can be attached to an image file, then why aren’t images a common attack vector?