spoofing – Page 33 – WindowsTechs.com

spoof or hacked? [duplicate]

Posted on June 17, 2017 by Mpact

This question already has an answer here:

Can I determine actual origin of spoofed text message?

2 answers

I received a v… Continue reading spoof or hacked? [duplicate]→

Gaming Google News

Posted on June 16, 2017 by Bruce Schneier

Turns out that it’s surprisingly easy to game: It appears that news sites deemed legitimate by Google News are being modified by third parties. These sites are then exploited to redirect to the spam content. It appears that the compromised sites are examining the referrer and redirecting visitors coming from Google News…. Continue reading Gaming Google News→

Spoofing a not vulnerable DNS server with ARP spoofing?

Posted on June 10, 2017 by Ben tester

Is it possible to spoof a not vulnerable DNS servers with ARP spoofing? If it is possible, how can we do this?

I’m not limited to ARP spoofing. I mean, how can I do cache poisoning on a not vulnerable ISC BIND server (or ano… Continue reading Spoofing a not vulnerable DNS server with ARP spoofing?→

How can I protect myself from someone spoofing my phone number?

Posted on June 7, 2017 by Iceape

I don’t know much about security and don’t know if these things are possible or not.

Last night I received a text message stating “Please use ****** to authenticate your phone number in the DIGITS from T-Mobile app”

I look… Continue reading How can I protect myself from someone spoofing my phone number?→

Fooling Samsung Galaxy S8 Iris Recognition

Posted on May 24, 2017 by Elliot Williams

We have a love-hate relationship with biometric ID. After all, it looks so cool when the hero in a sci-fi movie enters the restricted-access area after having his hand and iris scanned. But that’s about the best you can say about biometric security. It’s conceptually flawed in a bunch of ways, and nearly every implementation we’ve seen gets broken sooner or later.

Case in point: prolific anti-biometry hacker [starbug] and a group of friends at the Berlin CCC are able to authenticate to the “Samsung Pay” payment system through the iris scanner. The video, embedded below, shows you how: take …read more

Continue reading Fooling Samsung Galaxy S8 Iris Recognition→

My Skype friends are sending me links

Posted on May 24, 2017 by Kieran Drydale

People on my Skype friends list keep sending me links with my name in the URL. I was getting kind of worried because when I click the link it doesn’t go anywhere. I asked my friends and they said their account got spoofed and… Continue reading My Skype friends are sending me links→

Why is callerID spoofing not possible when using short codes?

Posted on May 20, 2017 by slashcrypto

The question is already in the headline:

Why is callerID spoofing not possible when the destination number is a short code?

Here for example the answer to the question if callerID spoofing is still possible says “It is pos… Continue reading Why is callerID spoofing not possible when using short codes?→

I just received a phishing text message, how could this have worked?

Posted on May 17, 2017 by mergesort

I received a phishing text message that pretended to be my bank. It had a link that went to a site that redirect to the following script:

<html><script language="javascript">var page = "Login.php?sslchannel=true&sessionid=XXX”; top.location = page; </script></html>

When I did a wget on that page with the rest of the full url it ran the following script:

<script>
    window.googleJavaScriptRedirect = 1
</script>
<script>
    var n = {
        navigateTo: function(b, a, d) {
            if (b != a && b.google) {
                if (b.google.r) {
                    b.google.r = 0;
                    b.location.href = d;
                    a.location.replace("about:blank");
                }
            } else {
                a.location.replace(d);
            }
        }
    };
    n.navigateTo(window.parent, window, "https://www.banksite.com/");
</script><noscript><META http-equiv="refresh" content="0;URL='https://www.banksite.com/'"></noscript>

From a technical perspective, I’m trying to figure out what this phishing text could have done in the worst case scenario.

Continue reading I just received a phishing text message, how could this have worked?→

Which attributes of a WPA AP certificate are used by a client device in deciding if the certificate has been trusted before?

Posted on May 16, 2017 by Lew Wei Hao

When connecting to a new AP, the client device will pop a warning to ask if the certificate of the new AP should be trusted. If trusted, the warning doesn’t show anymore if the certificate is known to have been trusted before… Continue reading Which attributes of a WPA AP certificate are used by a client device in deciding if the certificate has been trusted before?→

Soldiers sent hate-SMS messages from rogue base stations

Posted on May 12, 2017 by John E Dunn

The culprit exploits a design feature of older 2G networks in a type of man-in-the-middle attack Continue reading Soldiers sent hate-SMS messages from rogue base stations→