Tag Archive for: code

Frequent Flier Claims to have Cheat Code for Free Checked Bags

/in


If you’re a frequent flier, you’ve probably picked up some methods to save money.

For instance, if you don’t want to fork over the extra cash for an economy-plus seat, you can check the flight map to see if there are any available empty seats. If you’re the last person to board the plane, there’s a chance there will be an economy-plus seat unfilled, so you can just slide right into it. Flight attendants may just give you the benefit of the doubt and let you sit there without hassling you about it. (Hint: this trick probably works best if you’re traveling alone.)

A similar hack can usually be employed with checked luggage. Sure, not keeping your belongings with you is a bit of a pain, and if you only need a small carry-on piece of luggage, you’re going to want to keep it with you on the airplane and toss it in an overhead bin. All other baggage gets tossed in the plane’s storage area. But that means having to wait at the baggage carousel and, depending on the type of ticket you purchase, paying for a checked bag.

But there’s a way around forking over the cash for that checked baggage fee, according to TikTok user Nicole Nina (@hutravelstheworld) who is a self-proclaimed solo traveler who is always jet setting with a decent amount of luggage.

She said that there’s a way to ensure airlines like United and American will check your bags for free, you just need to be willing to get them past security and to a gate agent, who will more than likely be eager to take care of that for you to conserve overhead bin space.

“OK, this is my hack for never paying for a checked bag, and I always travel with so many bags and I always pay for the most basic economy seat,” she explains in the clip. “This is only for airlines like United, American, Lufthansa, Iberia, whatever. This isn’t for like Spirit, RyanAir, EasyJet.”

Nina says that the aforementioned “premium” airlines have begun charging for checked bags or even carry-ons, but she’s found a workaround.

“You have to check in online and then just download it to your phone—your ticket—and then go through security,” she says. “Go to your gate, and then just be like,…

Source…

Cracking the code: Mastering internet security in the modern era

/in


This article aims to unravel the complexities of internet security in the modern age.

In an era where the digital landscape is as expansive as it is interconnected, the need for robust internet security has never been more critical. As we seamlessly traverse the vast realm of the internet, the threats to our digital well-being continue to evolve. This article aims to unravel the complexities of internet security in the modern age, providing insights into key aspects that empower us to safeguard our online presence.

Understanding the threat landscape

Cyber threats overview
The digital age has brought with it a myriad of cyber threats, ranging from the conventional to the highly sophisticated. Malware, phishing, ransomware – these are just a few of the weapons wielded by cybercriminals to compromise our digital lives. Understanding these threats is the first step towards effective defense.

The evolution of cyber attacks
The landscape of cyber attacks has evolved dramatically. What once may have been simple and indiscriminate has transformed into targeted and highly sophisticated assaults. Cybercriminals are no longer solely motivated by chaos; financial gain and political motives are now significant driving forces.

Targeted attacks
Individuals, businesses, and even governments have become targets of cyber attacks. Recognizing the prevalence of targeted attacks emphasizes the urgency for proactive security measures. It’s not just about protecting data; it’s about safeguarding against calculated and deliberate strikes.

Building a strong foundation

Password management
At the core of internet security lies the foundation of strong, unique passwords. Password management tools are indispensable in creating and storing complex passwords, reducing the risk of unauthorized access.

Two-factor authentication (2FA)
Passwords, while essential, can be vulnerable. Implementing Two-Factor Authentication adds an additional layer of defense, requiring a second form of verification beyond a password. This extra step significantly enhances account security.

Software updates and patching
One of the most overlooked aspects of internet…

Source…

Exploit Code Available For Zero-Day IE Flaw

/in


vulnerability download

Symantec security researchers published proof-of-concept code detailing the exploit on the BugTraq security mailing list over the weekend. To launch a successful attack, hackers could install malicious code on users’ PCs by enticing potential victims to either click on a malicious link leading to a specially crafted Web page or by visiting an existing site infected with the exploit. Hackers typically lure victims to infected sites through some social engineering scheme conducted over e-mail.

Security researchers say that the exploit thus far appears to only affect IE 6 and 7 on Windows XP and Vista but could possibly affect other versions of both IE and Windows. Microsoft’s latest IE 8 browser does not appear to be affected by the flaw.

Specifically, the IE bug occurs in the way IE uses cascading style sheet (CSS) information, which ultimately enables hackers to inject the exploit into otherwise legitimate Web sites, according to reports from Symantec. CSS is a function used in Web sites to define the presentation of the site’s content.

So far, the exploit has exhibited signs of poor reliability, but Symantec researchers said in a blog that they expect hackers to develop a fully functional version of the attack in the near future.

Meanwhile, Symantec researchers advise users to disable JavaScript until Microsoft releases a fix for the bug. Symantec experts also recommend that in general users should keep their antivirus software up-to-date and only visit known and trusted Web sites to stay protected from future attacks.

Source…

GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets • The Register

/in


Singapore-based infosec outfit Group-IB on Thursday released details of a new Android trojan that exploits the operating system’s accessibility features to steal info that enables theft of personal information.

The security research outfit wrote that the trojan, named GoldDigger, currently targets Vietnamese banking apps – but includes code suggesting its developers plan wider attacks. Between June 2023, when it spotted GoldDigger, and late August, Group-IB identified 51 financial organization applications targeted by the trojan. The security form is unsure how many devices have been infected, or how much money has been stolen.

The malware makes its way onto devices after users visit fake websites that manipulate them into downloading the app. Once installed, GoldDigger requests access to Android’s Accessibility Service – the feature designed to assist users with disabilities by allowing apps to interact with each other and modify the user interface.

Permission to use the Accessibility Service means GoldDigger can monitor and manipulate a device’s functions and view personal information such as banking app credentials and the content of SMS messages, and send that info to command-and-control servers. A code snippet found by the researchers suggests the malware attempts to bypass two factor authentication, and is designed to fool banking apps that it is making legitimate transactions.

“We have not confirmed that the Trojan operators use these capabilities at the time of writing. However, based on the behavior of other known Trojans similar to GoldDigger, we don’t think they differ significantly,” explained Group-IB.

“We are definitely observing a significant increase in the Android malware strains abusing the Accessibility Service. For Android malware trends, there is a noticeable shift away from the traditional use of web fakes,” Sharmine Low, malware analyst at Group-IB, told The Register. Low said using the Accessibility Function was a “much more invasive approach compared to generating individual web fake files for each specific target.”

GoldDigger’s developers have left clues that their ambitions may reach beyond Vietnam. The malware includes translations…

Source…