Browsing tag
Google Play Store policies clearly state that Android apps cannot update or modify from third party sources other than Google Play Store themselves. But a report suggests that the UC browser went ahead and violated Google Play Store policies. The popular browser, with over 600 million downloads, made its users vulnerable to man-in-the-middle (MiTM) attacks […]
Cloud cameras (AKA IP Cameras) provide convenient and easy to use visual monitoring device for offices, houses, and shops of all sizes. It is slowly but surely replacing the bulky and complicated CCTV (closed-circuit television) systems, and for the right reason, primarily due to its easy expandability. However, since this kind of system is always […]
Newly Discovered Malicious chrome extension performing Man-in-the-Middle Attack to harvest users log in and password to steal money from Victims Bank Accounts. Recently an analysis of suspicious extensions from Chrome Web Store, an extension called Desbloquear Conteúdo(‘Unblock Content’ in Portuguese) has been discovered. The malicious Extension specifically targets users of Brazilian online banking services and […]
A setting, disabled by default, enables FortiClient on the logon screen to allow users to connect to a VPN profile before logon. An attacker, with physical, or remote (e.g. through TSE, VNC…), access to a machine with FortiClient and this feature enabled, can obtain SYSTEM level privileges from the lock screen. No account or prior […]
Turns any linux computer into a public Wi-Fi network that silently mitms all http traffic. Runs inside a Docker container using hostapd, dnsmasq, and mitmproxy to create an open honeypot wireless network named “Public”. For added fun, change the network name to “xfinitywifi” to autoconnect anyone who has ever connected to those networks… they are everywhere. MAC Randomization By […]
There are many reasons why a WiFi Pineapple might come in handy. With the ability to scan, target, intercept, and report, WiFi Pineapples are easily (and effectively) multi-talented. The general idea of a WiFi Pineapple is providing a middle man between the internet and whatever device is up for target. WiFi man-in-the-middle platform Highly effective […]
In an advisory sent to enterprises across the US, the Department of Homeland Security’s US-CERT group is warning that security products which perform HTTPS interception might weaken a company’s overall security. HTTPS inspection is a method where security products set up a man-in-the-middle proxy for HTTPS traffic. The proxy stands between the client and the […]