Arif Khan boosted

Same as yesterday's blog post but as a high-level overview without the technical details: Kaspersky applications do not protect an internal API properly, allowing any website to send commands. Yes, websites can still do it, merely with less impact.

palant.de/2019/11/26/internal-

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.