You might like
I put together a possible detection / mitigation browser agent in response to @mrd0x 's Browser in the Browser (BITB) phishing technique. Native browser functionality could be a great solution, but here's an open-source idea for now. github.com/odacavo/enhanc…
If you’re in #Canada, you’ve likely seen this recent #deepfake YouTube ad. What I found led me straight to the scammer. In this video, I show how I traced the operation back to its source, warned the victims, and eventually shut the infrastructure down. youtube.com/watch?v=6208Bm…
youtube.com
YouTube
How I Took Down A $150,000 Scam
Quick little forensics tool to extract common IOCs and enrichment from .eml files: github.com/MalwareCube/Em…
For years #OWASP #Ottawa met at Shopify's Cody's Cafe.But as that is no longer available we needed to find a new place. We are pleased to announce a new location at the University of Ottawa.This will keep our meetup's central. We will continue to live stream. Details to follow.
Stealth trick for Red Teaming - why worry about being caught by an MDR (i.e., Artic Wolf, FireEye, etc.) when you can kill their visibility? 🧐 ipconfig /displaydns - Find API Endpoint echo 127.0.0.1 blahblah.fireye.com >> c:\windows\system32\drivers\etc\hosts
Thank you for sharing!
Try this extension to automatically detect and provide verbose warnings for embedded iframe elements in order to protect yourself against Browser-In-The-Browser (BITB) attacks by @odacavo github.com/odacavo/enhanc…
BREAKING: @TheJusticeDept announced a policy revision to the United States Computer Fraud and Abuse Act (CFAA) which includes exemptions of criminal charges for "good-faith" security researchers. This is a huge victory for our cause! #HackingIsNotACrime justice.gov/opa/pr/departm…
you've heard of Y2K. now get ready for...the user agent apocalypse😂
Super interesting: looks like scammers found a subdomain takeover on "forms.ferrari.com" and are using it to host an NFT scam.
After 5 years of work, security.txt is officially an RFC. I am pleased to announce RFC 9116: rfc-editor.org/rfc/rfc9116. I would like to use this opportunity to thank those who made this possible. Thank you. ❤️
APSU ALERT: We are under a Ransomeware attack. If your computer is connected to the APSU network, please disconnect IMMEDIATELY
An infected host on your network is running searches on Bing.
Thanks a lot for the good work and the sharing!! 🙏
This is _awesome_! I just installed it in Firefox on my machine and tested it with a few pages. Works exactly as needed, and I'm super impressed with how quickly you made this available. Nice work!
Works well! (with apologies to Jeff Geerling)
I've also referenced your browser extension in my repo since several people were asking about how to detect this phishing technique.
Thanks, really good stuff. One thing to note is the iframe is optional. An alternative can be a div (customized to be a login form) that contains the form tag and is aligned with the URL bar & title bar. But since the templates I've put out use iframes this will block them.
United States Trends
- 1. Packers 99.7K posts
- 2. Eagles 128K posts
- 3. Jordan Love 15.4K posts
- 4. Benítez 13.4K posts
- 5. LaFleur 14.8K posts
- 6. #WWERaw 137K posts
- 7. Veterans Day 30.7K posts
- 8. #TalusLabs N/A
- 9. Green Bay 19.1K posts
- 10. AJ Brown 7,158 posts
- 11. McManus 4,488 posts
- 12. Grayson Allen 4,311 posts
- 13. Jalen 24.2K posts
- 14. JOONGDUNK BRIGHT SKIN 207K posts
- 15. Sirianni 5,125 posts
- 16. Kevin Patullo 7,069 posts
- 17. Smitty 5,610 posts
- 18. Jaelan Phillips 8,185 posts
- 19. James Harden 2,004 posts
- 20. Berkeley 62.7K posts
Something went wrong.
Something went wrong.