all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-24068 && CVE-2023-24069: Abusing Signal Desktop Client for fun and for Espionage

Add to bookmarks
Jan. 22, 2023, 7 a.m. |

John J Hacking johnjhacking.com

Identification While using signal, it was observed that the preview of an image was still visible even after having deleted the image because the image had been “replied” to. After looking through multiple files, the culprit directory was identified.
C:\Users\foo\AppData\Roaming\Signal\attachments.noindex\*\ To replicate, an image was sent in a group chat
The image was stored as a regular file in this directory, and the image can be recovered by modifying the extension and adding .

abusing attachments chat client cve desktop directory espionage files fun identification preview signal visible

Visit resource

More from johnjhacking.com / John J Hacking

CVE-2023-24068 && CVE-2023-24069: Abusing Signal Desktop Client for fun and for Espionage 1 year, 2 months ago | johnjhacking.com
abusing attachments chat client +10
OSCP Reborn - 2023 Exam Preparation Guide 1 year, 3 months ago | johnjhacking.com
exam guide oscp preparation
Stealing Data with Zix - Bypassing Data Loss Prevention Policies 1 year, 7 months ago | johnjhacking.com
bypassing data data loss data loss prevention +4
Stealing Data with Zix - Bypassing Data Loss Prevention Policies 1 year, 7 months ago | johnjhacking.com
bypassing data data loss data loss prevention +4
Spear Phishing with Zix: An Undisclosed Red Team Method for the Hungry APT 1 year, 9 months ago | johnjhacking.com
apt phishing red team spear phishing +1
The Ultimate CRTO Preparation Guide 2 years ago | johnjhacking.com
guide preparation
An Open Letter to the Japanese Government on Cybersecurity 2 years ago | johnjhacking.com
cybersecurity government
CVE-2022-27226: CSRF to RCE in iRZ Mobile Routers through 2022-03-16 2 years, 1 month ago | johnjhacking.com
csrf cve cve-2022-27226 mobile +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States
View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road
View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE
View on infosec-jobs.com
View more jobs