Tag Archives: security

Ticket Trick: Hacking companies through their helpdesk

Clever way, unearthed by Inti de Ceukelaire, to getting access to private communications channels (such as Slack) by leveraging the create-by-email feature of issue trackers/the helpdesk of a company. First target of Init was Gitlab’s Slack channel: Anyone with a … Continue reading

Elsewhere , , , Leave a comment

DolphinAttack: Hacking Voice Assistants with Inaudible Voice Commands

About a year ago it came to my attention that voice assistants such as Siri can lead to easily exploitable security issues. As voice assistants are not aware who is talking to them, it doesn’t matter if it’s you or … Continue reading

Elsewhere , , , , Leave a comment

Keystroke Recognition Using WiFi Signals

We’re all doomed: In this paper, we propose a WiFi signal based keystroke recognition system called WiKey. WiKey consists of two Commercial Off-The-Shelf (COTS) WiFi devices, a sender (such as a router) and a receiver (such as a laptop). The … Continue reading

Elsewhere , , , , Leave a comment

Google Chrome, Firefox Address Bar Spoofing Vulnerability

Turns out one single right-to-left character in a URL can make the omnibox (Address Bar) freak out, and render it wrongly: Placing neutral characters such as “/”, “ا” in filepath causes the URL to be flipped and displayed from Right … Continue reading

Elsewhere , , , Leave a comment

UpGuard Web Scan

The UpGuard external cyber audit uses publicly available information to grade your cyber risk posture. External scans are convenient and non-invasive but require an internal scan to assess the majority of risk factors. Checks for thinks like SPF records and … Continue reading

Elsewhere , , , , Leave a comment

PHP HTTP Public-Key-Pinning Builder

HTTP Public-Key-Pinning Builder aims to make it easy to build HTTP Public-Key-Pinning headers in your PHP projects. As so: <?php use \ParagonIE\HPKPBuilder\HPKPBuilder; $hpkp = HPKPBuilder::fromFile('/path/to/source.json'); $hpkp->sendHPKPHeader(); { "hashes": [ { "algo": "sha256", "hash": "hwGEkxDWJ2oHtKv6lsvylKvhotXAAZQR1e0nq0eb2Vw=" }, { "algo": "sha256", "hash": "0jum0Eiu4Eg6vjn3zTmyd/RobfN6e4EagFQcz6E5ZKI=" … Continue reading

Elsewhere , , Leave a comment

The Link That Can Crash Google Chrome

In the news today: a link which, when moused over or clicked on, crashes Google Chrome. It’s a heck of a bug: but how does it work, and what does it have to do with “null-terminated strings”? An attack known … Continue reading

Elsewhere , , Leave a comment

WordPress 4.2 Stored XSS

Earlier this week WordPress 4.1.3. It fixed an XSS exploit discovered by a former student of mine. This week a new exploit – even in the new WordPress versions, including 4.2 – was uncovered. Current versions of WordPress are vulnerable … Continue reading

Elsewhere , , , Leave a comment

SecurityHeaders.com

Run a free test of a website’s HTTP headers and learn how it performs from a security perspective! Checks for the following headers and their values: Access Control Allow Origin Content Security Policy Cross Domain Meta Policy NoSniff Server Information … Continue reading

Elsewhere , , Leave a comment

Moonpig vulnerability

Decoding the auth header we get *redacted*:*redacted*, that’s not my username or password – these are static credentials sent with every request. The only identifiable piece of information left is the URL parameter customerId. […] Every API request is like … Continue reading

Elsewhere , , Leave a comment