Author Archives: ericlaw

Web Weirdness: Probing Localhost

If you closely watch the Network tab in the Chromium Developer Tools when you try to log into Fidelity Investments, you might notice something that looks a bit weird. JavaScript on the page attempts to create WebSocket connections to a bunch of local ports on the IPv4 localhost address (127.0.0.1): So, what are those portsContinue reading “Web Weirdness: Probing Localhost”

Attack Techniques: Fullscreen Abuse

It’s extremely difficult to prevent attacks when there are no trustworthy pixels on the screen, especially if a user doesn’t realize that none of what they’re seeing should be trusted. Unfortunately for the browsing public, the HTML5 Fullscreen API can deliver this power to an attacker. Today (and for over a decade now), an attackingContinue reading “Attack Techniques: Fullscreen Abuse”

The Challenge of IP Reputation

When protecting clients and servers against network-based threats, it’s tempting to consider the peer’s network address when deciding whether that peer is trustworthy. Unfortunately, while IP addresses can be a valuable signal, attempts to treat traffic as trustworthy or untrustworthy based on IP address alone can be very prone to mistakes. Background Most clients andContinue reading “The Challenge of IP Reputation”

Defensive Techniques: Application Guard

Earlier this year, I mentioned that I load every phishing URL I’m sent to see what it does and whether it tries to use any interesting new techniques. While Edge’s “Enhanced Security Mode” reduces the risks of 0-day attacks against the browser itself, another great defense available for enterprise users is Microsoft Defender Application Guard.Continue reading “Defensive Techniques: Application Guard”

Kilimanjaro – To Exit Gate & Home

Saturday, July 8, 2023; Day 9 and Sunday, July 9, 2023; Home After another night of decent sleep, we turn on the light at 4:45am. It’s a cozy 50F in the tent. Our coffee should arrive in 15 minutes, and then breakfast will begin 15 minutes after that. Breakfast was quick — porridge and eggs,Continue reading “Kilimanjaro – To Exit Gate & Home”