Cybersecurity specialists report the detection of a security flaw in the file sharing feature in Slack whose exploitation would allow threat actors to identify the identity of users outside this platform. While the existence of the bug has been proven to Slack, they seem to have no intention of addressing it, leaving the responsibility of […]
ESET researchers discover a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users
Security researchers discovered the biggest data breach in Biometric Security Platform BioStar 2 that leaks millions of users facial recognition records, fingerprints, log data, and other personal information. BioStar 2, a web-based biometric security smart lock platform by world’s biggest bio-access B2B company Suprema, and the platform used by UK Metropolitan police, defense contractors and […]
Once again, Mozilla has taken a leaf out of Tor browser’s handbook with the introduction of user anti-fingerprinting technique in Firefox 67 which is scheduled for a release this year in May. Dubbed ‘Letterboxing,’ this method protects against window-size related fingerprinting which is used for profiling and tracking users. For the uninitiated, browser fingerprinting means collection […]
There is very good news for Mozilla Firefox users. After improving the user experience with tracking protection function offering content blocking features and other changes in Firefox 63, Mozilla is aiming for another significant update in the upcoming version of the browser. The new version of Mozilla Firefox called Firefox 67, which is planned to […]
Back then, 2014 to be precise, OnePlus was a newbie, only to rule the mid-to-high segment in the mobile world after a few years. With good sales and high level of user satisfaction, the smartphone portfolio of OnePlus has been improving each year and the latest one to join the same is the OnePlus 6T. […]
“HASSH” is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of an MD5 fingerprint. What can HASSH help with: Use in highly controlled, well understood environments, where any fingerprints outside of a known good set […]
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu/Arch (but will probably work on other distributions as well). It […]
Plecost is a vulnerability fingerprinting and vulnerability finder for WordPress blog engine. Installation Using Pypi: > python3 -m pip install plecost Remember that Plecost3 only runs in Python 3. Using Docker: You can run Plecost using Docker: > docker run –rm iniqua/plecost {ARGS} Where {ARGS} is any valid argument of Plecost. A real example could be: > […]
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on Debian/Ubuntu (but will probably work on other distributions as well). It uses […]
A JA3 hash represents the fingerprint of an SSL/TLS client application as detected via a network sensor or device, such as Bro or Suricata. This allows for simple and effective detection of client applications such as Chrome running on OSX (JA3=94c485bca29d5392be53f2b8cf7f4304) or the Dyre malware family running on Windows (JA3=b386946a5a44d1ddcc843bc75336dfce) or Metasploit’s Meterpreter running on […]
Short Bytes: Traffic fingerprinting is a technique used to sniff the web traffic by analyzing the data packets’ flow pattern- without removing the encryption. This technique has been recently used successfully to break the layers of anonymity of the Tor network users and hidden services. The Tor network is one of the most used popular system […]
In my ever-widening circle of anti-cybercrime methodology this particular approach to attribution of the criminals looting the free world makes me particularly gleeful and I can’t wait to spread the good news: Security company HBGary today released an open source tool to digitally fingerprint malicious code and help identify the source of the malware. The