Found 20 bookmarks
Custom sorting
Gootloader’s Pivot from SEO Poisoning: PDF Converters Become the New Infection Vector
Gootloader’s Pivot from SEO Poisoning: PDF Converters Become the New Infection Vector
Three weeks ago, Gootloader samples suddenly dried up. This has happened before, so I switched VPNs and tried new locations—coffee shops, friends’, and family’s Wi-Fi networks—but still couldn’t re…
#gootloader.wordpress.com#EN#2024#Pivot#SEO#Gootloader#Poisoning#PDF#Converters
·gootloader.wordpress.com·
Gootloader’s Pivot from SEO Poisoning: PDF Converters Become the New Infection Vector
Foxit PDF “Flawed Design” Exploitation
Foxit PDF “Flawed Design” Exploitation
PDF (Portable Document Format) files have become an integral part of modern digital communication. Renowned for their universality and fidelity, PDFs offer a robust platform for sharing documents across diverse computing environments. PDFs have evolved into a standard format for presenting text, images, and multimedia content with consistent layout and formatting, irrespective of the software, hardware, or operating system used to view them. This versatility has made PDFs indispensable in fields ranging from business and academia to government and personal use, serving as a reliable means of exchanging information in a structured and accessible manner.
#checkpoint#EN#2024#Foxit#PDF#Exploitation
·research.checkpoint.com·
Foxit PDF “Flawed Design” Exploitation
Browser-in-the-Middle (BitM) attack
Browser-in-the-Middle (BitM) attack
Man-in-the-Middle (MitM), one of the best known attacks in the world of computer security, is among the greatest concerns for professionals in the field. Main goal of MitM is to compromise confidentiality, integrity and availability of data flowing between source and destination. However, most of its many variants involve difficulties that make it not always possible. The present paper aims at modelling and describing a new method of attack, named Browser-in-the-Middle (BitM) which, despite the similarities with MitM in the way it controls the data flow between a client and the service it accesses, bypasses some of MitM’s typical shortcomings. It could be started by phishing techniques and in some cases coupled to the well-known Man-in-the-Browser (MitB) attack. It will be seen how BitM expands the range of the possible attacker’s actions, at the same time making them easier to implement. Among its features, the absence of the need to install malware of any kind on the victim’s machine and the total control it allows the attacker are to be emphasized. Document PDF
#springer#EN#2021#PDF#paper#BitM#Browser-in-the-Middle
·link.springer.com·
Browser-in-the-Middle (BitM) attack
Browser-in-the-Middle (BitM) attack
Browser-in-the-Middle (BitM) attack
Man-in-the-Middle (MitM), one of the best known attacks in the world of computer security, is among the greatest concerns for professionals in the field. Main goal of MitM is to compromise confidentiality, integrity and availability of data flowing between source and destination. However, most of its many variants involve difficulties that make it not always possible. The present paper aims at modelling and describing a new method of attack, named Browser-in-the-Middle (BitM) which, despite the similarities with MitM in the way it controls the data flow between a client and the service it accesses, bypasses some of MitM’s typical shortcomings. It could be started by phishing techniques and in some cases coupled to the well-known Man-in-the-Browser (MitB) attack. It will be seen how BitM expands the range of the possible attacker’s actions, at the same time making them easier to implement. Among its features, the absence of the need to install malware of any kind on the victim’s machine and the total control it allows the attacker are to be emphasized. [Document PDF](https://link.springer.com/content/pdf/10.1007/s10207-021-00548-5.pdf)
#springer#EN#2021#PDF#paper#BitM#Browser-in-the-Middle
·link.springer.com·
Browser-in-the-Middle (BitM) attack