Command Execution using the Windows 10 Search Bar

This is not a vulnerability or a security bug. This is a legitimate Windows 10 feature that is often overlooked by businesses and/or corporations. It allows you to run CMD Prompt commands and/or Powershell scripts from the Windows 10 Search Bar.

Advertisements

Don’t buy passwords! Generate your own!

A few years ago, a service called "Diceware Passwords" was created. Recently, it has gained a reputation as a way to receive "cryptographically secure" passwords. The general concept of this service is that someone will create a password by rolling a dice a few times and then picking the numbered words out of a dictionary. In this blog post, I am going to go through some of the ridiculous claims that are on their website and why they are incorrect/misleading.

Watch out for IP Grabbers

About 2 months ago I was the victim of a social engineering attack that leveraged an IP Grabber. These tools are designed simply for script-kiddie level cyber espionage and usually give the attackers the following information: IP Address Internet Service Provider User-Agent Location Information about the victims machine Information about the victims network Cookies of … Continue reading Watch out for IP Grabbers

The Irony of Password Security Requirements

So occasionally organisations like to choose stupid password requirements for signing up to services. This is fairly annoying if you are someone like me who uses totally random passwords from a password generator. Many websites/organisations set arbitrary rules for using passwords, and many of them are either stupid and/or misleading. So I am going to discuss some of them and why they are stupid.

A Small Spam Campaign

About a week ago, I saw this on VirusTotal: https://virustotal.com/en/url/4edb3a7d65360fb15dcdf411bb5cce35eba2b454cf9b6d7d7d5dd4d5dbfff7f9/analysis/ A user by the name of "sgsturby" reported that it was spam. I only had about 20 minutes free so I done some quick google searches involving the domain, which resulted in this: The domain is listed at untrustworthy with a category of Spam by … Continue reading A Small Spam Campaign

The IoT Revolution

Over the past 10 years, connecting physical things to the internet has become quite a trend. People have been adding more and more devices to the internet, such as toasters, televisions, dog food dispensers, baby monitors and even wheelchairs. These devices provide very useful functionality in the average home, since you can change various environmental factors … Continue reading The IoT Revolution