All Questions
101
questions
1
vote
0
answers
46
views
Jump-Oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another?
Jump-oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another functional gadget?
My understanding of JOP:
In jump-...
0
votes
0
answers
26
views
Jump-Oriented Programming: Harder than ROP because the registers need to be prepared individually? + Turing complete, but large overhead/slow?
Full title: Jump-Oriented Programming: Is it harder than traditional return-oriented programming because you need to manually prepare all the addresses and registers or is there a different reason?
...
1
vote
1
answer
135
views
Does PDF-level compression implicitly clean a file of malware?
Recently I've been looking into PDF file security, specifically malware exploiting vulnerabilities in PDF readers. I thought about one thing - does compressing a PDF file (for example, by using ...
0
votes
1
answer
148
views
How are viruses or exploits tested without being detected?
I was wondering how threat actors actually test their exploits without them being automatically detected and added to the library of an antivirus detection system, thereby being marked as useless and ...
1
vote
2
answers
182
views
How does malware work when compressed?
I have read up on compressed folders of file types such as .zip, .rar and .7zip being the malicious file itself (excluding cases such as an .exe file being disguised as a .zip file etc...), only ...
0
votes
0
answers
212
views
Is UAC an overestimated protection measure in Windows? Does Linux do it better?
Windows is an API-based operating system, whereas Linux is file-based. Hence in my opinion, any operating system API security measures alone aren't effective in Windows. One of such examples would be ...
3
votes
1
answer
444
views
Is running rsync as root problematic?
Is there a security risk with running rsync as root to copy potentially malicious files? Or for that matter with any read command like cp, cat, du?
Background:
I'm moving data from various systems ...
0
votes
0
answers
32
views
How to permanently remove DDE Exploit:O97M/DDEDownloader.C? Do I need to nuke my computer? Is it safe to not do so? [duplicate]
Starting yesterday, Windows Defender has found and quarantined 5 copies (pic 1) of the following threat (pic 2): Exploit:O97M/DDEDownloader.C, see here.
I tried contacting Microsoft tech support but they ...
0
votes
2
answers
639
views
How to completely restrict Steam in Linux to defend against remote zero day exploits?
My question is, how can I completely restrict Steam's processes and modules to only have access to what they are supposed to, and not be able to do anything malicious, for example running bin/sh or ...
1
vote
2
answers
240
views
Has exploitation been demonstrated against the fundamental constructs of the debugging process?
I'm curious to know if an attacker can fundamentally exploit the debugging process.
I'm not asking if specific debugging tools have been exploitable, surely some have, but rather whether the process ...
0
votes
1
answer
231
views
Is it possible for a compressed file to contain malicious code?
I recently downloaded 2 compressed files (.zip and .rar) from a really unreliable and untrusted source while using a browser integrated VPN. My antivirus didn't notice anything but I am curious if it ...
3
votes
0
answers
2k
views
How does PUA:Win32/InstallCore get on my PC?
I run a full (not quick) scan of Windows Defender every night. Somehow, between two nights ago and last night an instance of PUA:Win32/InstallCore got placed on my PC. Windows Defender removed it, ...
1
vote
0
answers
133
views
Exploitation of Resource Packages in Java
I understand this might be a usual question but I thought it'd be interesting to get people's feedback regardless as this relates to security.
In games, in particular I am thinking about Minecraft, ...
3
votes
2
answers
2k
views
How to protect from dependency confusion attacks?
I recently came across the following article
https://www.bleepingcomputer.com/news/security/researcher-hacks-over-35-tech-firms-in-novel-supply-chain-attack/
It describes an exploit which exploit ...
0
votes
2
answers
774
views
Does malware that comes through outdated apps go away if I uninstall the apps?
I was reading this and this article.
The first article itself is about why software updates are extremely important for security, and the second one also mentions the following:
"Make sure your ...