Collaborate Disseminate
When authenticating from a browser application to an API layer, you can verify the request origin for CORS requests. I’m aware that this is primarily to prevent CSRF attacks. It doesn’t prevent an attacker from accessing the … Continue reading Is it worth verifying the request hostname in API-to-API communications?
I am traveling on a train in Switzerland, working on a macbook connected to a wifi hotspot that I’ve set up on my Phone [1] using WPA2.
At some point along the journey, the internet connection drops. While I am wondering why… Continue reading Did somebody try to spoof my wifi network?
I just learned about IP spoofing and so I set up VMs and sent spoofed UDP packets (8.8.8.8, Facebook’s IP, Twitter’s IP) to myself (home PC and mobile) from well-reputed VPS providers like AWS, Softlayer, Intellectica Systems… Continue reading Why is spoofing allowed in reputed VPS services?
I have to create a virtual network topology in a simulation, inject frames with the adulterated source MAC address and capture this in wireshark.
I’m using GNS3 for the simulation, someone can help me?
Continue reading How simulate a spoofing in a virtual network? [on hold]
This is a home network: a wireless Linksys router serving around 5 wireless devices and 3 wired ones, two PCs and a PS4.
The router is setup to serve DHCP to client devices. It has a setting to change the DNS domain of the n… Continue reading WPAD name collision attack victim: possible information leak
But, it could come at a price Continue reading FCC: robocalls can go get BLOCKED
For the past six months, I’ve experienced call-backs from foreign numbers (all within the EU) telling me that I had called them earlier. At first, I thought the calls are malicious. However, due to the frequency and other det… Continue reading Someone is making random calls spoofing my phone number. What to do?
I am subject to legal proceedings where fake iMessages (not SMS) are being introduced by the opposing party and proclaiming to have come from me. I read about spoofing SMS messages. Is it possible for iMessages to be spoofed?… Continue reading Can iMessages be spoofed?
This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking. Why does this work? iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates, or iOS apps that are stuck during installation…. Continue reading Impersonating iOS Password Prompts
Wired has a story about a possible GPS spoofing attack by Russia: After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward says GPS data has placed ships at three different airports and there have been other interesting anomalies. "We would find very large oil tankers who could travel at the maximum speed at 15 knots,"… Continue reading GPS Spoofing Attacks