#kobold-letters — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #kobold-letters, aggregated by home.social.
-
Today I found out that my article on #KoboldLetters inspired this work on #FicklePDFs: https://portswigger.net/research/fickle-pdfs-exploiting-browser-rendering-discrepancies
-
Today I found out that my article on #KoboldLetters inspired this work on #FicklePDFs: https://portswigger.net/research/fickle-pdfs-exploiting-browser-rendering-discrepancies
-
One week ago we were at #BSidesMunich2024 and if you didn't get a chance to attend, you can now catch up by watching the recordings.
For example, @weddige's talk about Kobold Letters And Other Mischief: https://www.youtube.com/watch?v=ko9cwRM3BZU
-
One week ago we were at #BSidesMunich2024 and if you didn't get a chance to attend, you can now catch up by watching the recordings.
For example, @weddige's talk about Kobold Letters And Other Mischief: https://www.youtube.com/watch?v=ko9cwRM3BZU
-
the recording of my talk on #KoboldLetters and #SalamanderMIME is now on YouTube: https://www.youtube.com/watch?v=ko9cwRM3BZU
-
the recording of my talk on #KoboldLetters and #SalamanderMIME is now on YouTube: https://www.youtube.com/watch?v=ko9cwRM3BZU
-
@lutrasecurity I'll be talking about Salamander/MIME and Kobold Letters at @BSidesMunich tomorrow:
-
@lutrasecurity I'll be talking about Salamander/MIME and Kobold Letters at @BSidesMunich tomorrow:
-
I'm very happy to announce that I'll be speaking at #BSidesMunich2024 on 11th November about Kobold Letters and Other Mischief - How Emails Can Deceive You.
If you haven't got a ticket yet, you can get one here on 8th September: https://2024.bsidesmunich.org/tickets/
Follow @BSidesMunich for more updates.
-
I'm very happy to announce that I'll be speaking at #BSidesMunich2024 on 11th November about Kobold Letters and Other Mischief - How Emails Can Deceive You.
If you haven't got a ticket yet, you can get one here on 8th September: https://2024.bsidesmunich.org/tickets/
Follow @BSidesMunich for more updates.
-
Google just awarded me a $100 bounty for #KoboldLetters in Gmail.
-
Google just awarded me a $100 bounty for #KoboldLetters in Gmail.
-
🇬🇧 The longer form of #blog posts has temporarily started to tire me out a bit, plus I have an additional project on the side for the blog that consumes some of my time. Because of this, lately I've been finding a lot of joy in writing shorter notes like this recent one about #KoboldLetters https://blog.tomaszdunia.pl/kobold-letters/. I can do it even on my phone, which is super convenient!
What do you think about this form of blogging? -
🇵🇱 Dłuższa forma postów na #blog chwilowo zaczęła mnie trochę męczyć, plus mam dla bloga dodatkowy projekt na boku, który pochłania mi trochę czasu. Z uwagi na to ostatnio sporo radości sprawia mi pisanie takich krótszych notatek jak ta ostatnia o #KoboldLetters https://blog.tomaszdunia.pl/kobold-letters/. Mogę to robić nawet na telefonie, co jest super wygodne!
Co myślisz o takiej formie prowadzenia bloga? -
🇵🇱 Dłuższa forma postów na #blog chwilowo zaczęła mnie trochę męczyć, plus mam dla bloga dodatkowy projekt na boku, który pochłania mi trochę czasu. Z uwagi na to ostatnio sporo radości sprawia mi pisanie takich krótszych notatek jak ta ostatnia o #KoboldLetters https://blog.tomaszdunia.pl/kobold-letters/. Mogę to robić nawet na telefonie, co jest super wygodne!
Co myślisz o takiej formie prowadzenia bloga? -
🇵🇱 Nowy wpis na blogu! / 🇬🇧 New blog post!
Kobold Letters – ciekawy sposób ataku przez e-mail
#CSS #cyberbezpieczeństwo #cybersecurity #email #Gmail #HTML #KoboldLetters #Outlook #scam #Thunderbird
Autor: @[email protected]
-
🇵🇱 Nowy wpis na blogu! / 🇬🇧 New blog post!
Kobold Letters – ciekawy sposób ataku przez e-mail
#CSS #cyberbezpieczeństwo #cybersecurity #email #Gmail #HTML #KoboldLetters #Outlook #scam #Thunderbird
Autor: @[email protected]
-
Your answer to phishing is awareness?
That might be enough when you're up against a Nigerian prince, but when you're up against a kobold, it won't be enough.
We've looked at an attack strategy that (mis)uses HTML and CSS to create sophisticated phishing attacks that will fool even the most attentive reader.
The only solution: deactivating HTML emails altogether.
-
Your answer to phishing is awareness?
That might be enough when you're up against a Nigerian prince, but when you're up against a kobold, it won't be enough.
We've looked at an attack strategy that (mis)uses HTML and CSS to create sophisticated phishing attacks that will fool even the most attentive reader.
The only solution: deactivating HTML emails altogether.
-
This is due to something I call #KoboldLetters. By cleverly (mis)using CSS, attackers can display completely different emails to different recipients.
The problems with HTML and CSS in emails have been known for a long time, but the security implications have usually been underestimated or actively downplayed. That's why I wrote an article explaining how HTML emails can be used to deceive recipients into becoming part of an sophisticated #phishing attack.
-
This is due to something I call #KoboldLetters. By cleverly (mis)using CSS, attackers can display completely different emails to different recipients.
The problems with HTML and CSS in emails have been known for a long time, but the security implications have usually been underestimated or actively downplayed. That's why I wrote an article explaining how HTML emails can be used to deceive recipients into becoming part of an sophisticated #phishing attack.