Newest Questions

0 votes
0 answers
43 views

Fingerprinting a Tor onion service by amount of CPU cores?

I am wondering if in theory it is possible to make an estimation of the available CPU cores a server has -- and whether that information could be used as a distinguishing trait to reduce the anonymity ...
O'Niel's user avatar
  • 3,488
0 votes
0 answers
15 views

I am trying to do a security check on my Google account; when checking all devices, my devices are clearly identified, a third one says just plain Android [closed]

Google account security check, all devices, my two phones are clearly identified. The other is identified with words and numbers. There is a third device that keeps signing into my account sometimes ...
Troy's user avatar
  • 1
1 vote
3 answers
414 views

Do deterministically random PIDs solve the problems of truly random PIDs?

This can be considered a follow up to Do randomized PIDs bring more security? A major problem with random PIDs is that they repeat more quickly than sequential PIDs, but in cryptography, we can ...
DannyNiu's user avatar
  • 400
1 vote
0 answers
29 views

Logs Not Appearing in Wazuh Dashboard for Mimikatz & SharpHound Attacks

I’m working on a lab environment for my MSc dissertation, focusing on offensive attack simulations and defensive log monitoring using Wazuh. Current Setup: Wazuh Manager: Running on Ubuntu server (...
Adil Khan's user avatar
0 votes
1 answer
71 views

Is pass-the-hash possible with NTLMv2?

I'm new to Windows security, and I'm trying to understand basics of pass-the-hash attacks. As I understood : NTLM = NT Hash = Password storage format NTLMv1 = Net-NTLMv1 = Challenge/response ...
John Kravicz's user avatar
0 votes
0 answers
38 views

Is PHP VS Code extension safe? [closed]

I want to install the PHP VS Code extension, but I'm unsure if it is safe. One website says it's safe, and one says it's not. How do I know what site is correct?
human compter's user avatar
0 votes
0 answers
10 views

Disabling USB Keyboards in Linux While Keeping Mice Functional [migrated]

Is it possible to disable USB keyboard interfaces in Linux (to protect against certain BadUSB attacks) while keeping USB mice functional? What methods are available for laptops? I am considering ...
svirpen's user avatar
0 votes
0 answers
44 views

How to create a signed PKCS12 file?

According to RFC7292 the basic structure of a PKCS12 file is this: PFX ::= SEQUENCE { version INTEGER {v3(3)}(v3,...), authSafe ContentInfo, macData MacData OPTIONAL ...
neubert's user avatar
  • 1,808
0 votes
0 answers
14 views

How to make it so a PFX private key can be exported in Windows certmgr [duplicate]

I created a PFX with an X.509 and a private key with OpenSSL. I did not use a password. I then imported the result into Windows and am now trying to export it from Windows but when I do so it's not ...
neubert's user avatar
  • 1,808
0 votes
1 answer
55 views

Why do we use TLS if we already have IPsec, and vice versa? [duplicate]

I couldn't understand why IPsec was used when the application data we were going to send was already encrypted by TLS. Or, if at the end of the day, all the data we send is encrypted at the bottom ...
Utku's user avatar
  • 9
-1 votes
0 answers
26 views

How can I use my desktop to approve Duo MFA Logins? [closed]

I work at a company which uses Duo MFA for login authentication. Currently I receive push notifications on my phone to authorize logins through the Duo Mobile App. I would like to add my desktop as an ...
Stevoisiak's user avatar
  • 1,533
0 votes
0 answers
26 views

Best AWS IAM password criteria (with the current available options)? [closed]

The default password criteria for AWS IAM is low (min 8 chars, one uppercase etc). They appear to use ZXCVBN/pwned or something like it (as you get "password is known" for things like "...
U4EA's user avatar
  • 63
1 vote
2 answers
140 views

How to stop organization users from uploading company documents to Generative AI tools (ChatGPT)

We are seeing in the company that some users are uploading data and whole documents to ChatGPT for quick fixes or some help, which violates company policy. Is there a way to block the user from ...
OmiPenguin's user avatar
7 votes
3 answers
3k views

Why do APTs stick to their TTPs when they are widely documented and can be defended against?

I was researching on Threat Intelligence and came across the Pyramid of Pain. The pyramid places Tactics, Techniques, and Procedures (TTPs) at the top, indicating that having defense mechanisms ...
Sreeraj's user avatar
  • 1,437
0 votes
1 answer
102 views

Microcontroller integrity check using salted secure hash: Will this work?

We have a device that contains multiple CPUs with low power. The main CPU ... ... needs to check if the second CPU(s) contain(s) valid (authorized) software. ... has access to a copy of the correct (...
Martin Rosenau's user avatar
0 votes
0 answers
15 views

Can you escape encryption when controlling the input? [migrated]

Consider a scenario where Alice wants to send messages to Bob. However, the only channel they have available is encrypted by Eve. That is, Alice can send an arbitrary message, which is then encrypted ...
Jen's user avatar
  • 493
0 votes
0 answers
49 views

How can Chrome with non-admin privilege start GoogleUpdaterService with admin privilege without a UAC prompt? [closed]

Here is what I have documented: Chrome runs with non-admin privilege When I click update in Chrome services.exe start GoogleUpdaterService138.0.7156.0 service When I run sc start ...
Null's user avatar
  • 1
0 votes
0 answers
37 views

I am trying to sign in to GitHub but the 2FA SMS I received looks suspicious [closed]

I received an SMS to my mobile. It read: Dear Customer your OTP xxxxxx Do not share this with anyone (SNAPIFY). The sender name is displayed as JD-SNPFYE-S. I was expecting the sender as GitHub looks ...
smk's user avatar
  • 101
-1 votes
0 answers
30 views

Is this a safe Google Chrome extension? [closed]

Our organization is working with a freelancer to help get our TikTok ad campaigns up and running after TikTok wrongfully suspended our account. The freelancer has told us that we need to download a ...
Mike's user avatar
  • 1
0 votes
1 answer
33 views

The integration of NGINX and HSM in TLS offloading

I'm trying to understand the interaction between NGINX and a Hardware Security Module (HSM) during TLS offloading, particularly in relation to session key handling. Here's my current understanding: ...
Latte Xu's user avatar
0 votes
1 answer
44 views

Is Content-Security-Policy advised when allowing external scripts through a plugin?

I'm currently on the development team for a Shopware webshop with approximately 650.000 users. The client requested the installation of the following two plugins: CMS HTML Code Block and Custom ...
O'Niel's user avatar
  • 3,488
1 vote
2 answers
170 views

Why don't people publish their PGP public key in a GitHub repo?

I have been contemplating how I should publish my PGP public key online recently. Being able to meet with someone physically is great, but that after all is a rare privilege. Key-servers are a ...
Guanyuming He's user avatar
3 votes
0 answers
64 views

Why does Adobe Acrobat not recognize OCSP responses with SHA-256 CertID as valid for LTV signatures?

I am an electronic signature expert and have encountered an issue with how Adobe Acrobat handles Long-Term Validation (LTV) for digital signatures. When I generate an LTV-enabled signature and embed ...
Tamer ERGUN's user avatar
8 votes
2 answers
1k views

Long-validity SSL certificates -- for non-browser X.509 client certificate authentication

BACKGROUND In April, the CA/Browser Forum voted to progressively reduce SSL/TLS certificate validity periods according to this schedule: Current: Maximum 398 days March 15, 2026: Maximum 200 days (~6-...
Happyblue's user avatar
0 votes
0 answers
32 views

OpenSSL PKCS12 parsing vs reading PEM

In our web interface there are two possible options for new server certificate installation. Either send both server and root in PEM format or one PKCS12. Both use a REST api endpoint (nginx) that ...
johnkaramp's user avatar
0 votes
2 answers
69 views

Best implementation or methods/practices for making a "Secure As Possible" remember me cookie?

I've been researching the best ways and practices for handling remember-me cookies for my website's users so that they have active sessions and stay logged in for 30 days. These articles here for ...
Absorbent-Sponge's user avatar
0 votes
0 answers
54 views

Risk assessment vs threat modelling

I want to have a definitive understanding of the terms risk assessment and threat modelling. I read different articles, but I still can't grasp the difference. How do I know which exercise I should do?...
anonymous's user avatar
  • 477
0 votes
1 answer
72 views

Social engineering attack using simple HTML <img> tags. Is it possible?

Let's say the user is visiting sensitive.com and uploads some sensitive image sensitive.com/private.png. This image can be read with a GET request but requires authentication via a session cookie. Now,...
Meowmere's user avatar
  • 123
0 votes
1 answer
87 views

Block all HTTP/80 traffic? [closed]

We are starting an initiative to remove all unsecure protocols. Logically, we would also need to block HTTP / Port 80. And this is where we cannot agree: Some say blocking http/80 is a bad idea. port ...
user3921232's user avatar
0 votes
2 answers
53 views

Best practice for OpenSSL / TLS compression and CRIME

The general consensus on enabling SSL Compression is "don't" because of the CRIME exploit. However, this exploit seems to have been mitigated in 2012. I want to know: Should I still avoid ...
Kingsley's user avatar
  • 103
0 votes
1 answer
60 views

Is an offline password database with a key a reasonable way to hand over credentials?

Suppose I got tasked with setting an infrastructure for an organization that shared one password for everything from Wi-Fi, to that file share on a computer with missing side panel where everything is,...
Vita's user avatar
  • 101
0 votes
0 answers
26 views

Does asymmetric encryption guarantee different passwords? [migrated]

Do we have any guarantee that in modern asymmetric algorithms the encryption and decryption key/password actually do differ? If a keysize of one binary bit (true/false) have a public key of true. Is ...
Grim's user avatar
  • 101
0 votes
3 answers
297 views

Is multiple encryption with different passwords a good idea?

What happens if I encrypt a file 100 times with different encryptions and with different random passwords that are stored locally, is it secure enough? Is it uncrackable?
bruh's user avatar
  • 1
1 vote
0 answers
49 views

What advanced tools can detect malware that AVs miss [closed]

I suspect that my system is infected with malware, but multiple antivirus programs (including Windows Defender and [name others if used]) didn't detect anything. The symptoms include: Unusual CPU or ...
user359253's user avatar
0 votes
2 answers
76 views

Does SecureBoot+Lockdown help protect against getting firmware-level malware, even if an attacker gains Root access?

This Reddit comment suggests that even if malicious software gains root access, SecureBoot + Lockdown mode in the Linux kernel can help prevent malware from gaining access to the kernel to perform ...
zstewart's user avatar
  • 131
0 votes
1 answer
52 views

Is my approach to SSH-based addon installation via PHP backend secure?

I’ve developed a web interface that allows users to install or remove specific game addons. The site is hosted with Nginx, uses PHP on the backend, and is served over HTTPS. To perform an installation ...
sirzento's user avatar
  • 101
-3 votes
0 answers
61 views

What is Breach and Attack Simulation (BAS) and how does it help improve security posture?

I’ve been reading about Breach and Attack Simulation (BAS) tools and how they help organizations continuously test their cybersecurity defenses by simulating real-world attack scenarios. How exactly ...
CyberNX Technologies Pvt Ltd's user avatar
1 vote
1 answer
60 views

What is the difference between coreruleset-4.14.0-minimal.zip and Source code (tar.gz). How do I get the 'Full.zip" download?

In the release downloads section, I'm seeing only "minimal" downloads, and then source downloads. What is the meaning of a "minimal" download, and how can I get the "full"...
DanRan's user avatar
  • 141
1 vote
0 answers
56 views

Old Apple ID got hacked... But what's the scam? [closed]

Today, I woke up to an email saying: 'The billing information for your Apple ID has been changed.' Luckily, it wasn't my real Apple ID, but probably an old one that I created years ago (like a throw-...
Jan's user avatar
  • 411
0 votes
2 answers
151 views

If I'm creating malicious software for research/educational purposes, how do I avoid my account being banned?

I've been thinking about creating proof-of-concept malicious packages, specifically in the JavaScript space. Think a repository that directly contains malicious code that scans for secrets, or an NPM ...
dwjohnston's user avatar
3 votes
1 answer
631 views

Is it possible to use ECDH in SSH without relying on NIST curves?

Within our organization, we are allowed to use the Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm, with the requirement that key sizes be 384 bits or higher. In this context, I found that ...
Jozko Mrkvicka's user avatar
1 vote
0 answers
26 views

Why would arena_get() function from malloc return the arena_key in house of prime

I'm trying to understand how in glibc 2.3.5 arena_get function (called by public_mALLOc) will return the arena_key in house of prime exploit, where the arena_key is first overridden to the value of ...
danielsa5's user avatar
0 votes
0 answers
15 views

Security of the AppCloud application installed on Samsung smartphones [migrated]

I'm looking for some clarification regarding the AppCloud application that comes pre-installed on Samsung smartphones. From what I understand, it suggests and installs recommended apps, including ones ...
santorini's user avatar
1 vote
0 answers
47 views

The security of "yum install -y msodbcsql17" [closed]

Referring to how to "Install the Microsoft ODBC driver for SQL Server (Linux)" from Microsoft. Here is the link. https://learn.microsoft.com/en-us/sql/connect/odbc/linux-mac/installing-the-...
caot's user avatar
  • 111
0 votes
0 answers
48 views

Signature based detection: Avoiding false positives using whitelist signatures

When AVs (or other security programs) use signature-based detection of malware, do they also use a whitelist of signatures of benign files to reduce false positives? I am currently looking for ...
nikosa83's user avatar
1 vote
1 answer
55 views

File minimization for fuzzing

Fuzzing tends to be more effective when the seed file is small -- or, more precisely, when the seed file is chosen so it is processed as rapidly as possible by the application-being-fuzzed -- as this ...
D.W.'s user avatar
  • 101k
0 votes
1 answer
75 views

How risky is running a random nodejs application?

As a web developer, I frequently create minimal reproductions of whatever issue I'm facing, as a Github repo, and post a link to it in the Stack Overflow question or Github Issue thread that I'm ...
dwjohnston's user avatar
-2 votes
1 answer
71 views

How to secure SQL query from SQL injection?

I'm reviewing a PHP library that interacts with an Informix database. Since I'm following the library structure I cannot use pdo. Is it there a guideline on how to properly protect an Informix query ...
Marco Nappi's user avatar
5 votes
1 answer
2k views

Using my own CA for home VPN -- too much or not enough?

I recently set up a "homelab," so to speak, with several machines that have personal data and applications that I'd like to be able to use on the go. I set up a KeepassXC database secured ...
Brad's user avatar
  • 151
3 votes
1 answer
293 views

Does Secureboot require an EFI password to be effective?

A lot of systems have secureboot but don't require any password to access bios/efi settings, which means you can disable secureboot without authentication. Additionally, it seems like many Linux ...
zstewart's user avatar
  • 131
