• 32 Posts
  • 1.78K Comments
Joined 2 年前
cake
Cake day: 2023年6月20日

help-circle

















  • Exactly this, the .zip file extension is widely known, and now that it’s also a TLD, it can be confusing for some people. There’s no technical vulnerability, but the existence of .zip TLD just gives more ammo for phishing. For example, someone could register a domain name recent-bank-statements[.]zip (without brackets) and then have a subdomain for chase.com and send someone a link to https://chase.com.recent-bank-statements/[.]zip to “Download your bank statements”. If you’re not looking closely, you might not realize there is a . instead of a / and think that this link would go to chase.com When the site initiates a download of a zip file, you might trust the contents thinking it came from Chase and not a malicious link.



  • Publisher Nexon has now made a statement addressing the situation, saying the ads were submitted by users as part of a ‘TikTok Creative Challenge’, which TikTok describes as an “official creator monetization program that turns your creativity into cash by creating UGC-style ads for your favorite brands”.

    “All submitted videos are verified through TikTok’s system to check copyright violations before they are approved as advertising content. However, we have become aware of cases where the circumstances surrounding the production of certain submitted videos appear inappropriate. Thus, we are conducting a thorough joint investigation with TikTok to determine the facts.

    How could they not see this coming? Of course this will be gamed and abused. This is what happens when you fire your marketing department and outsource it to TikTok.