Spooky action: Phantom domains create hijackable hyperlinks

According to a recent paper published at the 2024 Web Conference, so-called “phantom domains” make it possible for malicious actors to hijack hyperlinks and exploit users’ trust in familiar websites. The research defines phantom domains as active links to dot-com domains that have never been registered. Here’s what enterprises need to know about how phantom domains […]

The post Spooky action: Phantom domains create hijackable hyperlinks appeared first on Security Intelligence.

Continue reading Spooky action: Phantom domains create hijackable hyperlinks

New Hampshire authorities charge Democratic operative behind Biden AI robocall

Steve Kramer has been indicted for 13 counts of felony voter suppression and 13 misdemeanor counts of impersonating a political candidate. 

The post New Hampshire authorities charge Democratic operative behind Biden AI robocall appeared first on CyberScoop.

Continue reading New Hampshire authorities charge Democratic operative behind Biden AI robocall

Implementing Blockchain in Fanet to Restrict UAV Access to Restricted Zones (based on gps spoofing) [closed]

I’m exploring the implementation of blockchain technology within a Fanet (Flying Ad-Hoc Network) to control UAV (Unmanned Aerial Vehicle) access to restricted zones. The goal is to register authorized UAVs on the blockchain and prevent una… Continue reading Implementing Blockchain in Fanet to Restrict UAV Access to Restricted Zones (based on gps spoofing) [closed]

How to avoid non-in-person "handshakes" and spoofing due to compromised URL data on NFC card

I am designing a system that allows users to purchase my NFC cards and sign up for an account on my online SaaS website.
The System
For the sake of explanation, assume the website is hosted at domain test.com.
Think of this system as a &qu… Continue reading How to avoid non-in-person "handshakes" and spoofing due to compromised URL data on NFC card

Security Vulnerability of HTML Emails

This is a newly discovered email vulnerability:

The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible. A phishing email you had to trust because you knew the sender and they even confirmed that they had forwarded it to you.

This attack is possible because most email clients allow CSS to be used to style HTML emails. When an email is forwarded, the position of the original email in the DOM usually changes, allowing for CSS rules to be selectively applied only when an email has been forwarded…

Continue reading Security Vulnerability of HTML Emails

Mom receiving texts with some private info daughter has not sent [closed]

I have received three texts from my daughter’s phone number – she is on an iPhone 14, I am on a Google Pixel 4. The first two texts came in on my car Android Auto – a week apart, but within minutes of the same time of day…and copies of t… Continue reading Mom receiving texts with some private info daughter has not sent [closed]