Encrypted or signed e-mail does not have cryptographic protection of headers; only the body of an e-mail message is encrypted or signed.
The Memory Hole project aims to fix this problem by stashing relevant headers within the body of the e-mail in a standardized way. Compatible mail user agents should be able to use this structure to display the cryptographically protected headers to the user, indicating their protection.
UPDATE: Zimperium’s Mobile Threat Protection customers are safe from this threat, even without updating the device to the latest Android version. Zimperium offers mobile forensic services to its customers. Companies that have reasons to believe that they are under active Stagefright attacks – should contact us ASAP at email@example.com Zimperium Research Labs (zLABS) will release … Read More
For some attackers, it is important that an exploit be extremely reliable. That is to say, the exploit should consistently lead to code execution when it is run on a system with a known platform and Flash version. One way to create such an exploit is to use an especially high-quality bug. This post describes the exploitation of one such bug, and the factors that make it especially good for reliable exploitation.
Chad Hart and Philipp Hancke discuss the how & why WebRTC can expose a local IP address without a user's consent and present a Chrome Extension to fix that
Hacking Wisdom's insight:
The “IP Address Leakage” topic has turned into a public relations issue for WebRTC. It is a fact that the WebRTC API’s can be used to share one’s private IP address(es) without any user consent today. Nefarious websites could potentially use this information to fingerprint individuals who do not want to be tracked. Why is this an issue? Can this be stopped? Can I tell when someone is trying to use WebRTC without my knowledge? We try to cover those questions below along with a walkthrough of a Chrome extension that you can install or modify for yourself that provides a notification if WebRTC is being used without your knowledge.
Two security consultants have created a new computer worm, the Thunderstrike 2, that attacks the core hardware of a Mac computer once unleashed. The worm was designed to expose vulnerabilities in the once-assumed airtight security of Apple products.
A group of Italian researchers have come up with new obfuscation techniques that can be used to dupe malware detection systems and allow mal...
Hacking Wisdom's insight:
A group of Italian researchers have come up with new obfuscation techniques that can be used to dupe malware detection systems and allow malicious actors to execute successful drive-by download attacks.
Sharing your scoops to your social media accounts is a must to distribute your curated content. Not only will it drive traffic and leads through your content, but it will help show your expertise with your followers.
How to integrate my topics' content to my website?
Integrating your curated content to your website or blog will allow you to increase your website visitors’ engagement, boost SEO and acquire new visitors. By redirecting your social media traffic to your website, Scoop.it will also help you generate more qualified traffic and leads from your curation work.
Distributing your curated content through a newsletter is a great way to nurture and engage your email subscribers will developing your traffic and visibility.
Creating engaging newsletters with your curated content is really easy.