Collaborate Disseminate
Spoofing a phone number is not a new concept, you probably get several calls from them a day, but with the accessibility of VoIP solutions and open source software spoofing a phone number is a breeze.
Telemarketers, robocalls, spammers, scammers, … Continue reading With Spoofed Calls on the Rise, FCC Seeks New ID Authentication Program
This is a semi-followup to this question on spam calls
Similar the OP in that post, I’ve been receiving spam calls with the form 1-ABC-DEF-WXYZ, where my phone number is ABC-DEF-GHIJ. I’ve never seen a legitimate caller from… Continue reading Why would someone who’s really calling from my area use the 1- long-distance prefix? [on hold]
Vulnerabilities in a common wireless telecommunications standard could allow hackers to send a fake emergency alert message to almost anyone’s smartphone. Researchers from Purdue University and the University of Iowa say they’ve discovered 10 new vulnerabilities in the 4G LTE protocol that can disrupt victims’ devices in several ways. They present the new findings in a paper published last month that showcases a tool they developed in order to detect such vulnerabilities. Among the new attacks, the researchers highlight an authentication relay attack, which they say allows an attacker to connect to an LTE network while spoofing another existing device’s identity and location. This is done without having legitimate credentials. “Through this attack the adversary can poison the location of the victim device in the core networks, thus allowing setting up a false alibi or planting fake evidence during a criminal investigation,” the paper says. The researchers explain that the 4G LTE protocol […]
The post Researchers uncover 4G LTE exploits that can be used to spy, spoof and cause panic appeared first on Cyberscoop.
Continue reading Researchers uncover 4G LTE exploits that can be used to spy, spoof and cause panic
It’s been more than a month since a mandatory Department of Homeland Security deadline passed for federal agencies to adopt security measures that stop attackers spoofing email — but more than a third have still failed to do so, according to an analysis of public records. What’s arguably worse is those that have implemented the measure called DMARC — Domain-based Message Authentication, Reporting and Conformance — have in many cases misconfigured it, meaning they remain exposed to spoofing. Federal IT specialists “aren’t picking up on the issue of subdomains,” explained Ian Breeze, a product manager at Easy Solutions, a vendor that provides software and advice to organizations seeking to implement DMARC, “They’re leaving their email subdomains open to fraud.” How DMARC works DMARC works by creating a public record that email systems can check to determine whether a message sender is in fact authorized to transmit on behalf of a […]
The post Feds still dragging in DMARC configuration appeared first on Cyberscoop.
I came across this tool recently https://github.com/drk1wi/portspoof
How efficient will it be to use it to confuse hackers doing port scanning? If it’s actually going to be pretty efficient, why hasn’t it caught up so far?… Continue reading How wise is it to use a tool for portspoofing at your server to confuse attackers?
I was looking into spoofing a user agent but all that has come up so far is spoofing the browser type. However I can still see what kind of device I am using (tbh I’m not really even sure why someone would want to spoof the b… Continue reading Can I spoof my user agent so that the type of device I’m using doesn’t show up?
Suppose I find a library at https://github.com/someorg/somelib. I go onto NuGet and find the “same” library somelib.
Can I tell if the github source (or some version of it) matches what I am actually downloading from NuGet?
… Continue reading Github vs. Nuget source code
I have searched google for an answer to my question and can’t seem to find one. Maybe you can help me out. Is it possible to use somebody else’s IP addresses to post on a forum with? I am a moderator of a health website where… Continue reading Is it possible for a single user to route connections through several IP addresses?
I have searched google for an answer to my question and can’t seem to find one. Maybe you can help me out. Is it possible to use somebody else’s IP addresses to post on a forum with? I am a moderator of a health website where… Continue reading Is it possible for a single user to route connections through several IP addresses?
If my phone number is (212)555-1212 and Bob spoofs my number vias SMS to Alice, will Alice’s reply be sent to Bob, me or both?
EDIT: The concern is that the spoof prompts Alice to disclose information that Bob should not ha… Continue reading Reply to a spoofed SMS message