Search found 134 matches

by morganism
Sat Feb 24, 2024 10:02 pm
Forum: NoScript General
Topic: oft updated blocklists
Replies: 1
Views: 221

oft updated blocklists

(Looks good, putting here cuz block thread is locked) Herr Bischoff's Blocklists Feel free to use the following lists without restriction and without guarantees or warranties of any kind. I will do my best to keep it updated but that's about it. They are refreshed at the given intervals, so fetching...
by morganism
Mon Apr 11, 2022 8:49 pm
Forum: Security
Topic: Protect domains that do not send email
Replies: 0
Views: 10720

Protect domains that do not send email

Make sure that domains that do not send email cannot be used for spoofing. Read this guidance if you manage government IT and you want to protect domains which do not send email from spoofing attacks. Criminals can use unprotected domains for email spoofing and phishing, making it easier to commit f...
by morganism
Fri Mar 18, 2022 7:14 pm
Forum: Security
Topic: Browser In The Browser (BITB) Attack
Replies: 1
Views: 5020

Browser In The Browser (BITB) Attack

This article explores a phishing technique that simulates a browser window within the browser to spoof a legitimate domain. https://mrd0x.com/browser-in-the-browser-phishing-attack/ For security professionals, the URL is usually the most trusted aspect of a domain. Yes there’s attacks like IDN Homog...
by morganism
Thu Mar 10, 2022 9:16 am
Forum: Security
Topic: sandbox escape affecting only Debian, Ubuntu, and other derivatives
Replies: 0
Views: 8289

sandbox escape affecting only Debian, Ubuntu, and other derivatives

An unexpected Redis sandbox escape affecting only Debian, Ubuntu, and other derivatives "This post describes how I broke the Redis sandbox, but only for Debian and Debian-derived Linux distributions. Upstream Redis is not affected. That makes it a Debian vulnerability, not a Redis one. The culp...
by morganism
Thu Mar 03, 2022 8:07 am
Forum: Security
Topic: White House goes Zero Trust by end of 2024
Replies: 1
Views: 4888

White House goes Zero Trust by end of 2024

The Far Reach of the White House’s Zero Trust Memo The long answer is this: The government’s initiative to adopt zero trust should be seen as the earliest sign of a widespread inflection point for both the public and private sectors. This should not be read as akin to the government implementing new...
by morganism
Mon Feb 21, 2022 7:05 pm
Forum: Security
Topic: Top 10 web hacking techniques of 2021
Replies: 1
Views: 5193

Re: Top 10 web hacking techniques of 2021

an annoying page thru story here, but in depth article on the replacement for the kgb hackers. https://interaktiv.br.de/elite-hacker-fsb/en/index.html The Snake hackers are also known by the names Turla or Uroburos. Ultimately, the reporting leads to a company in the Russian city of Ryazan – a compa...
by morganism
Mon Feb 21, 2022 6:46 pm
Forum: Security
Topic: Google Tag Manager, the new anti-adblock weapon
Replies: 0
Views: 5585

Google Tag Manager, the new anti-adblock weapon

Google Tag Manager, the new anti-adblock weapon The "Server-Side Tagging" version of the Google tool allows you to bypass browser and other adblocker protections "Your adblocker (uBlock Origin on Firefox for example), your content blocker ( Firefox Focus or Adguard on iOS for example)...
by morganism
Thu Feb 10, 2022 10:46 am
Forum: Security
Topic: Top 10 web hacking techniques of 2021
Replies: 1
Views: 5193

Top 10 web hacking techniques of 2021

Top 10 web hacking techniques of 2021 "the latest iteration of our annual community-powered effort to identify the most significant web security research released in the last year." https://portswigger.net/research/top-10-web-hacking-techniques-of-2021 they also recommend the nomination li...
by morganism
Sun Dec 19, 2021 12:22 am
Forum: NoScript Support
Topic: Google Analytics block plug in trouble
Replies: 1
Views: 1699

Google Analytics block plug in trouble

this plugin is supposed to be a GA blocker, but is it hanging the browser? I can't post on another PHP fourum, using java? buttons. Recaptcha wouldn't come up here either. also: The submitted form was invalid. Try submitting again. google analytics requires a plugin to block it, or opt out. https://...
by morganism
Mon Jan 04, 2021 7:27 am
Forum: Security
Topic: temporary containers
Replies: 1
Views: 9494

temporary containers

anyone using this plugin ? https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ "Open tabs, websites, and links in automatically managed disposable containers. Containers isolate data websites store (cookies, storage, and more) from each other, enhancing your privacy and securit...
by morganism
Wed Dec 23, 2020 10:41 pm
Forum: Web Tech
Topic: what makes the web slow
Replies: 2
Views: 9977

what makes the web slow

"We rendered a million web pages to find out what makes the web slow" [unnecessary link removed - barbaz] https://catchjs.com/Blog/PerformanceInTheWild#top-libs "We haven’t uncovered any new optimization tricks here, but the analysis does give an idea of the scale of the impact one ca...
by morganism
Sat Nov 21, 2020 10:04 am
Forum: Security
Topic: coveryourtracks.eff
Replies: 0
Views: 9616

coveryourtracks.eff

https://coveryourtracks.eff.org

Our tests indicate that you have you have strong protection against Web tracking, though your software isn’t checking for Do Not Track policies.
Is your browser:
Blocking tracking ads? Yes
Blocking invisible trackers? Yes
Protecting you from fingerprinting? Yes
by morganism
Tue Sep 01, 2020 6:38 pm
Forum: Security
Topic: PNG and Hidden Pixels
Replies: 0
Views: 11486

PNG and Hidden Pixels

The new Hidden Pixels decoder at FotoForensics checks how much padding is available. If it is enough to fill out 1 or more rows of pixels, then it increases the image height accordingly.

https://www.hackerfactor.com/blog/index ... ixels.html
by morganism
Sat Jul 25, 2020 6:27 pm
Forum: Security
Topic: Service workers allow website authors to intercept all network requests to their websites
Replies: 0
Views: 9439

Service workers allow website authors to intercept all network requests to their websites

Service workers allow website authors to intercept all network requests to their websites https://www.theguardian.com/info/developer-blog/2015/nov/04/building-an-offline-page-for-theguardiancom https://developers.google.com/web/fundamentals/primers/service-workers "You must be running a browser...