: Browsers actually treat everything before the @ as "user info" and only care about what follows it.

: An Overview of Threats Exploring the Confusion Between Top-Level Domains and File Type Extensions

: A technical preprint (available on arXiv) that discusses the collisions between the namespace for filenames and DNS names.

: This paper analyzes how attackers exploit "file-to-domain confusion," specifically when a string like document.zip could be either a local file or a malicious website. It details threat scenarios including cryptocurrency mining scripts disguised as file extraction processes. Why "stronka.zip" Is a Landmark Case

Stronka.zip 〈Desktop〉

: Browsers actually treat everything before the @ as "user info" and only care about what follows it.

: An Overview of Threats Exploring the Confusion Between Top-Level Domains and File Type Extensions stronka.zip

: A technical preprint (available on arXiv) that discusses the collisions between the namespace for filenames and DNS names. : Browsers actually treat everything before the @

: This paper analyzes how attackers exploit "file-to-domain confusion," specifically when a string like document.zip could be either a local file or a malicious website. It details threat scenarios including cryptocurrency mining scripts disguised as file extraction processes. Why "stronka.zip" Is a Landmark Case stronka.zip

Review & Discussion

User avatar