I really like this kind of content that breaks down research papers for the rest of us. I had no idea that BGP hijacking was such a threat.
I wonder if any security folks out there have more up-to-date information on the resilience of OVH, Hetzner, DigitalOcean and other major provider networks. Are Counter-RAPTOR guards, counter-fingerprinting measures, BGP monitoring and RPKI being deployed in the wild?
#Security #BGP #Networking #Tor #AttackVector #Deanonymization
@Snowshadow @anomnomnomaly
There's an automated account that wanted to follow me today. I don't have any "follower protection" so I don't get these follow requests but this time I got it
and it was only cause it was an automated account that wanted to follow me.
They are now blocked...
Anyway this is an attack vector! Imagine a bad actor fixing up 2000 accounts a day and then having them send follow requests to you.
Imagine the spam!
I could not block them all...
This is crazy! Be careful with browser extensions that simulate payment tools, password managers, security tools, etc.
#PolymorphicExtensions #AttackVector #Cybersecurity #Infosec #BrowserSecurity
Graphene Tattoos: The Future Of Continuous Health Monitoring?
https://hackaday.com/2025/02/16/graphene-tattoos-the-future-of-continuous-health-monitoring/
The #tech part of me thinks this is cool, but my #paranoid part immediately thinks, "the road to Hell is paved with good intentions."
#technology #health #medicine #healthcare #attackvector #dataprivacy #datasecurity #surveillance
This is a common #AttackVector today, but this is very targeted at #Windows and #mac developers.
https://www.darkreading.com/threat-intelligence/crowdstrike-job-interviews-hacker-tactic
Mitigating Attack Vectors in GitHub Workflows: https://openssf.org/blog/2024/08/12/mitigating-attack-vectors-in-github-workflows/
The Register: SafeBreach presented at the Black Hat Asia conference on Friday that flaws in Microsoft and Kaspersky security products could potentially allow the remote deletion of files. Microsoft Defender and Kaspersky's Endpoint Detection and Response (EDR) can be made to detect false positive indicators of malicious files – and then to delete them. The attack relies on the fact that Microsoft and Kaspersky use byte signatures – unique sequences of bytes in file headers – to detect malware. "Our goal was to confuse EDR by implanting malware signatures into legit files and make them think its malicious" 🔗 https://www.theregister.com/2024/04/22/edr_attack_remote_data_deletion/
Reminder: Every "free" web account that you create is an attack vector, an addition to your attack surface. Every additional set of login credentials that has anything to do with "you", every working email address you provide: each one of these is a digital point of weakness that you have voluntarily provided to your enemies and predators. Make sure each new one is worth it.
#CyberSecurity #credentials #CyberAttack #OnlineSafety #AttackVector #AttackSurface
what are legitimate reason for a program to need access to /proc/self/mem
https://security.stackexchange.com/questions/269307/what-are-legitimate-reason-for-a-program-to-need-access-to-proc-self-mem
#privilegeescalation #attackvector #webbrowser #process
#mastodon #security I'm concerned about #vulnerabilities in the #federation of servers. It seems to me that #badActors will be able to use throw away #instances as an #attackVector
This project is an Interesting one. #Meraki devices allow you to log in using the Serial Number. Need a lot more data to refine the key search to something feasible for an online attack.
Nuclear Weapons Agency Hacked in Widening Cyberattack – Report - Sources said the DoE suffered "damage" in the attack, which also likely extends beyond the initial... https://threatpost.com/nuclear-weapons-agency-hacked-cyberattack/162387/ #criticalinfrastructure #nuclearweaponsagency #departmentofenergy #vulnerabilities #attackvector #cyberattack #government #solarwinds #malware #damage #hacks #orion #cisa #ferc #doe
