Want to subscribe to topics you're interested in?
Become a Member

Security GPU.zip pixel stealing exploit can steal passwords

Discussion in 'All Internet & Web Performance News' started by eva2000, Sep 28, 2023.

  1. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    6:09 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Heads up folks GPU.zip vulnerability https://www.techspot.com/news/100306-new-pixel-stealing-exploit-can-read-usernames-passwords.html

    And https://www.hertzbleed.com/gpu.zip/


     
  2. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    6:09 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    From https://www.hertzbleed.com/gpu.zip/

     
  3. Jon Snow

    Jon Snow Active Member

    835
    170
    43
    Jun 30, 2017
    Ratings:
    +256
    Local Time:
    4:09 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    What if you're using a separate profile / private browsing mode or you're using a different web browser than the one where your passwords are saved?
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    6:09 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Not entirely sure. But using separate profiles or private browsing modes can also provide a level of isolation. These features are designed to keep browsing data (like cookies and cached files) separate, which might help in preventing cross-site tracking or data leakage between different browsing sessions or profiles.

    Also using a password manager like 1password or Proton Pass that securely stores and auto-fills login credentials can be a safer practice as it reduces the chances of displaying sensitive information in the browser.