Forwarded from BlackBox (Security) Archiv
Surveillance under Surveillance
Surveillance under Surveillance shows you cameras and guards β watching you β almost everywhere. You can see where they are located and, if the information is available, what type they are, the area they observe, or other interesting facts.
Surveillance under Surveillance uses data from OpenStreetMap contributors that is not visualized on the regular OpenStreetMap site.
ππΌ https://sunders.uber.space ππΌ
#surveillance #defense
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Surveillance under Surveillance shows you cameras and guards β watching you β almost everywhere. You can see where they are located and, if the information is available, what type they are, the area they observe, or other interesting facts.
Surveillance under Surveillance uses data from OpenStreetMap contributors that is not visualized on the regular OpenStreetMap site.
ππΌ https://sunders.uber.space ππΌ
#surveillance #defense
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
sunders.uber.space
Surveillance under Surveillance
Surveillance Camera Map
Forwarded from BlackBox (Security) Archiv
Stealing Data With CSS: Attack and Defense
Summary: A method is detailed - dubbed CSS Exfil - which can be used to steal targeted data using Cascading Style Sheets (CSS) as an attack vector. Due to the modern web's heavy reliance on CSS, a wide variety of data is potentially at risk, including: usernames, passwords, and sensitive data such as date of birth, social security numbers, and credit card numbers. The technique can also be used to de-anonymize users on dark nets like Tor. Defense methods are discussed for both website operators as well as web users, and a pair of browser extensions are offered which guard against this class of attack.
π ππΌ Want to check if you are vulnerable?
https://www.mike-gualtieri.com/css-exfil-vulnerability-tester
π‘ ππΌ Want to protect yourself?
ππΌ Install the Chrome plugin:
https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo
ππΌ Install the Firefox plugin:
https://addons.mozilla.org/en-US/firefox/addon/css-exfil-protection
π ππΌ Methods of Exploitation and Proof of Concept
https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
#css #attack #defense #exploitation #vulnerability
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Summary: A method is detailed - dubbed CSS Exfil - which can be used to steal targeted data using Cascading Style Sheets (CSS) as an attack vector. Due to the modern web's heavy reliance on CSS, a wide variety of data is potentially at risk, including: usernames, passwords, and sensitive data such as date of birth, social security numbers, and credit card numbers. The technique can also be used to de-anonymize users on dark nets like Tor. Defense methods are discussed for both website operators as well as web users, and a pair of browser extensions are offered which guard against this class of attack.
π ππΌ Want to check if you are vulnerable?
https://www.mike-gualtieri.com/css-exfil-vulnerability-tester
π‘ ππΌ Want to protect yourself?
ππΌ Install the Chrome plugin:
https://chrome.google.com/webstore/detail/css-exfil-protection/ibeemfhcbbikonfajhamlkdgedmekifo
ππΌ Install the Firefox plugin:
https://addons.mozilla.org/en-US/firefox/addon/css-exfil-protection
π ππΌ Methods of Exploitation and Proof of Concept
https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense
#css #attack #defense #exploitation #vulnerability
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Mike Gualtieri :: Home
CSS Exfil Vulnerability Tester
This page tests to see if your browser is vulnerable to Cascading Style Sheets (CSS) data leakage. If you are vulnerable, one way to protect yourself is to install the CSS Exfil Protection plugin for your browser.