Digital ID

Pierluigi Paganini May 21, 2014
Outlook Android App stores emails in plain text on mobile

Researchers at Include Security discovered that the Android App leaves user email messages unprotected by default on the mobile SD cards. A Microsoft Outlook client app for the Android platform lacks of encryption for the storage of email messages on the device’s SD cards. The unique protection mechanism implemented for the Outlook app is a […]

Pierluigi Paganini May 10, 2014
Federal Trade Commission – Watch out to Health and Fitness Apps

The Federal Trade Commission debated on the privacy ramifications of consumer generated and controlled health data, following data on mobile apps. The Federal Trade Commission has recently released the disconcerting results of a study conducted on 12 mobile health and fitness apps, focusing the analysis on the way they manage users’ personal information. Let me anticipate that […]

Pierluigi Paganini April 25, 2014
A malicious Chrome browser extension is stealing your digital coins

A user raised an alert on Reddit, on the presence of a malicious Chrome browser extension, on the official store, that is able to steal digital coins. Security experts have recently observed a significant increase for the number of malicious browser extensions, malware authors are exploiting the usage of browser addons to conduct illicit activities. Today […]

Pierluigi Paganini April 22, 2014
Certificate revocation checks aren’t efficient against Heartbleed

Security researcher Adam Langley of Google explained the real efficiency of revocation checking in response to OpenSSL heartbeat bug. The Heartbleed bug is a source of great concern for IT industry, every day we discover that the flaw in the OpenSSL library has had a significant impact on Servers, on the mobile industry and on the anonymity […]

Pierluigi Paganini January 24, 2014
Google Chrome bug allows sites to listen users private conversations

Web developers Tal Ater discovered a Google Chrome Bug that allows websites to listen to user private conversations. Google still hasn’t patched it! Google Chrome is one of the most diffused browsers, it has an excellent reputation in terms of security, usability and performance but it is wrong to consider it as perfect. As any […]

Pierluigi Paganini January 21, 2014
Weak passwords, in 2013 it is still a frequent error

SplashData has issued its Annual “25 Worst Passwords of the Year” enumerating the list of the most common password chosen by users. It was October 2012 when for the first time I’ve seen a report from SpashData on most common passwords chosen by users to protect their account on various services. SplashData, which develops password […]

Pierluigi Paganini December 31, 2013

CDM (CYBER DEFENSE MAGAZINE) PRESENTS: CYBER WARNINGS DECEMBER 2013 EDITION The December edition of the free Cyber Defense Magazine is out. Don’t miss it.   SPONSORED BY RSA CONFERENCE 2014 Read each FLIPBOOK edition electronically, online and flip through the page: CYBER WARNINGS E-MAGAZINE:  DECEMBER 2013 CYBER DEFENSE MAGAZINE: ANNUAL EDITION FOR 2013 Download a color PDF […]

Pierluigi Paganini November 13, 2013
MacRumors forum hacked more than one million of users at risks

MacRumors, the Mac news and information website and user forums, was hacked, more than 860,000 accounts were potentially compromised. MacRumors, the popular Mac news and information website and user forums have been hacked this week, according the first news circulating on the internet more than 860,000 accounts were potentially compromised on the total of 1.8 million registered […]

Pierluigi Paganini October 19, 2013
Apple iMessage vulnerable to MITM attack

Quarkslab researchers Cyril Cattiaux has revealed Apple lied when it claimed it could not intercept iMessages sent by its users. Quarkslab researchers Cyril Cattiaux revealed that it is possible to break encryption implemented in Apple’s iMessage application due the presence of a weakness in the key management process. The announcement was made during  the Hack in the Box conference […]

Pierluigi Paganini October 01, 2013 – Can you trust your VPN provider? Maybe … VPN service with no-logging policy announced to have sniffed the traffic of US based server to Catch Hackers. Can we trust the VPN service? is considered one of most reliable VPN service with no-logging policy, its staff declares to provide any citizen all around the world the ability to protect their online privacy. Is is true? Are we sure […]