Collaborate Disseminate
So I’ve just watched this Defcon video:https://www.youtube.com/watch?v=RaA5dEIqzzQ&t=1583s.
Apparently they were able to set up a rouge DHCP server and get a 50/50 chance of sending the victim the DHCP offer before the le… Continue reading Is DHCP spoofing ever possible on VMware?
Last night my friend’s Skype account(which he stopped using 3 years ago) sent all of his contacts a web spoofed message in the following format
www.google.com/something/something/… id= with the receivers ID appended.
When … Continue reading Clicking a spoofed message customised to receivers id from Android
I recently got a call from a lady who claimed I called her and demanded her credit card information and that she owed me money. I did not make the call, but I did verify that on her phone my number did appear to make the call… Continue reading How would someone be able to call (or spoof) from a phone number they do not own
Interesting acoustic attack against the MEMS accelerometers in devices like FitBits. Millions of accelerometers reside inside smartphones, automobiles, medical devices, anti-theft devices, drones, IoT devices, and many other industrial and consumer applications. Our work investigates how analog acoustic injection attacks can damage the digital integrity of the capacitive MEMS accelerometer. Spoofing such sensors with intentional acoustic interference enables an out-of-spec… Continue reading Acoustic Attack Against Accelerometers
Let’s say I have the following scenario. I have QR Code, Eddystone and/or NFC which contains IP address, with which, my client side application communicates. Let’s say this IP address can vary from user to user (or let’s say … Continue reading Protecting QR Code, Eddystone and NFC against spoofing
I know that Trapcall allows mobile telephone users to forward their calls to a toll free number, which then forwards them back to the user’s telephone, allowing them to see the caller ID. However, this A) is only available th… Continue reading Is it possible to un-spoof a spoofed caller ID?
I know that Trapcall allows mobile telephone users to forward their calls to a toll free number, which then forwards them back to the user’s telephone, allowing them to see the caller ID. However, this A) is only available thru Trapcall fo… Continue reading Is it possible to un-spoof a spoofed caller ID?
We explain what adware and ad fraud are and point out the differences by discussing the methods and the classification of the malware that is involved.
Categories:
Cybercrime
Malware
Tags: ad fraudad supportedadvertisingadwarespoofingstackingstuffing… Continue reading Adware vs. Ad-fraud
Recently a business I’m working with had an email that was sent to some vendors of theirs using emails that were remarkably similar to their own emails. The attackers used letter substitution to mimic the business’s domain (e.g. exarnple@dornain.com — notice the use of “r” and “n” to imitate an “m”).
Luckily, the vendors contacted by these people were diligent enough to catch the mismatched email addresses. However, I’m concerned that similar attacks will hit other vendors of our that might not have the same protocols in place.
Aside from contacting every one of vendors, is there anything the business can do on their end to mitigate these attacks? Or are they reliant on vendors being diligent with double-checking their contacts?
Continue reading Dealing with a fraudulent email that went to vendors
We are using a browser based email client and the email content is in HTML.
One of my employers told us that if we receive a suspicious email with links, we have to hover over the link (to check that it is not spoofed) befo… Continue reading Why is "hovering over" a link in an email considered safe? Or is it harmful?