HTTPT: A Probe-Resistant Proxy | USENIX –
Repo/Github
#Proxy #Censorship #Cybersec
#HTTPT
Abstract:
Recently, censors have been observed using increasingly sophisticated active probing attacks to reliably identify and block proxies. In this paper, we introduce HTTPT, a proxy designed to hide behind HTTPS servers to resist these active probing attacks. HTTPT leverages the ubiquity of the HTTPS protocol to effectively blend in with Internet traffic, making it more difficult for censors to block. We describe the challenges that HTTPT must overcome, and the benefits it has over previous probe resistant designs.Repo/Github
#Proxy #Censorship #Cybersec
#HTTPT
New Python tool checks NPM packages for manifest confusion issues –
The problem is with the inconsistent information between a package's manifest data as displayed in the NPM registry and the data present in the 'package.json' file of the published package.
A malicious actor could manipulate the manifest data of a new package, eliminating certain scripts or dependencies so that they do not appear in the NPM registry.
However, these scripts or dependencies would still be present in the package.json file and would be executed when the package is installed, without the user being aware
#Github #cybersec #vulnerability
The problem is with the inconsistent information between a package's manifest data as displayed in the NPM registry and the data present in the 'package.json' file of the published package.
A malicious actor could manipulate the manifest data of a new package, eliminating certain scripts or dependencies so that they do not appear in the NPM registry.
However, these scripts or dependencies would still be present in the package.json file and would be executed when the package is installed, without the user being aware
#Github #cybersec #vulnerability
BleepingComputer
New Python tool checks NPM packages for manifest confusion issues
A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages from the NPM JavaScript software registry.
Snappy: A tool to detect rogue WiFi access points on open networks –
#Cybersec #Python
#Wifi #RogueAccessPoints
Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that attempts to steal data from unsuspecting people.
Attackers can create fake access points in supermarkets, coffee shops, and malls that impersonate real ones already established at the location. This is done to trick users into connecting to the rogue access points and relay sensitive data through the attackers' devices.#Cybersec #Python
#Wifi #RogueAccessPoints
Forwarded from Pegasus NSO & other spyware
Kaspersky reveals new method to detect Pegasus spyware | Kaspersky –
#Pegasus #NSO #Reign #Predador #iOS #Spyware #Malware #Kapersky #MobileForensics #CyberSec
Kaspersky's Global Research and Analysis Team (GReAT) has developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as #Pegasus, #Reign, and #Predator through analyzing Shutdown.log, a previously unexplored #forensic artifact.
The company’s experts discovered Pegasus infections leave traces in the unexpected system log, Shutdown.log, stored within any mobile #iOS device’s sysdiagnose archive. This archive retains information from each reboot session, meaning anomalies associated with the Pegasus malware become apparent in the log if an infected user reboots their device.
Among those identified were instances of ”sticky“ processes impeding reboots, particularly those linked to Pegasus, along with infection traces discovered through cybersecurity community observations.
#Pegasus #NSO #Reign #Predador #iOS #Spyware #Malware #Kapersky #MobileForensics #CyberSec