In yesterday’s post, I outlined the two most successful (and stupid simple) attack techniques that you might not expect to work (and you’d be so very wrong): Today, let’s explore number 3: “Please give me control of your computer so I can, uh, fix it?“ In this attack, an attacker convinces you that there’s someContinue reading “Attack Techniques: Remote Control Software”
Author Archives: ericlaw
Attack Techniques: Full-Trust Script Downloads
While it’s common to think of cyberattacks as being conducted by teams of elite cybercriminals leveraging the freshest 0-day attacks against victims’ PCs, the reality is far more mundane. Most attacks start as social engineering attacks: abusing a user’s misplaced trust. Most attackers don’t hack in, they log in. The most common cyberattack is phishing:Continue reading “Attack Techniques: Full-Trust Script Downloads”
Spring 2024 Updates
After a slow and painful 2024 Cap10K, I ran the HEB Sunshine Run 10K on May 5th in 1:05:53, just 22 seconds faster, but without pain or surprises. After months without running several hours per week, my fitness has definitely fallen off a cliff. I either need to get back to the treadmill or restartContinue reading “Spring 2024 Updates”
ERR_BLOCKED_BY_CLIENT and HTML5 Sandbox
Recently, many Microsoft employees taking training courses have reported problems accessing documents linked to in those courses in Chrome and Edge. In Edge, the screen looks like this: But the problem isn’t limited to Microsoft’s internal training platform, and can be easily reproduced in Chrome: What’s going on? There are a number of root causesContinue reading “ERR_BLOCKED_BY_CLIENT and HTML5 Sandbox”
Mouse Gestures in Edge
Over twenty years ago, the Opera browser got me hooked on mouse gestures, a way for you to perform common browser actions quickly. After I joined the IE team in 2004, I fell in love with a browser extension written by Ralph Hare and I later blogged about it on the IEBlog and helped RalphContinue reading “Mouse Gestures in Edge”
text/plain 