Digital ID

Pierluigi Paganini October 01, 2013
Proxy.sh – Can you trust your VPN provider? Maybe …

Proxy.sh VPN service with no-logging policy announced to have sniffed the traffic of US based server to Catch Hackers. Can we trust the VPN service? Proxy.sh is considered one of most reliable VPN service with no-logging policy, its staff declares to provide any citizen all around the world the ability to protect their online privacy. Is is true? Are we sure […]

Pierluigi Paganini September 28, 2013
Criminals hacked illegal service exposing Americans to Identity theft

An identity theft service that sells personal information on millions of US citizens has been hacked. Millions of US citizens exposed to Id Theft. Around 5 Millions of Americans are exposed to the concrete risk of identity theft, this is one of most clamorous and grotesque case of data breach, hackers stolen data on US citizens that were stored in the […]

Pierluigi Paganini September 23, 2013
Chaos Computer Club claims to have defeated Apple TouchID

Chaos Computer Club claims to have bypassed the biometric security technology Apple TouchID by making a copy of a fingerprint photographed on a glass surface. Hackers members of the Chaos Computer Club claim to have defeated Apple TouchID fingerprint sensor for the iPhone 5S, just after the start of its sale to the public. The Chaos Computer Club in […]

Pierluigi Paganini August 13, 2013
Android wallet apps vulnerability could allow currency theft

Bitcoin.org has released a security advisory related to a serious security flaw related to Android wallet apps that could allow money theft. Yesterday I’ve written on RAT for Android today we will speak of a weakness in some Android wallet apps for the popular mobile operating system that exposes Bitcoin users to risk of theft. […]

Pierluigi Paganini June 27, 2013
Facebook hacked with an SMS, excellent the bug management

The hacker “fin1te”  revealed that Facebook account was hackable within a minute simply with an SMS. Excellent the bug management in the Bug Bounty program. Facebook hacked again, this time hackers have done it without using any other malicious code neither user interaction. UK based Security Researcher, “fin1te” revealed that attack could compromise any Facebook […]

Pierluigi Paganini March 13, 2013
Censorship, governments and corporations enemies of internet

The use of technologies to support censorship is deplorable and condemnable but it must be considered that is a sad reality that has sustained the growth of a billionaire market. Many IT companies around the world are specialized in the providing of solutions used by authoritarian regimes to monitor internet use and persecute the opponents. […]

Pierluigi Paganini January 14, 2013
Nokia and the accusation of MITM attack

The charge is heavy, according to some experts, Nokia analyzes user’s traffic officially to increase performance compressing data on some of its mobile devices. According many experts the popular company is responsible of the hijacking of user’s traffic on its servers, that is the case for the Nokia Asha models, for this reason on internet […]

Pierluigi Paganini January 04, 2013
Turkey – Another story on use of fraudulent digital certificates

It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the […]

Pierluigi Paganini September 30, 2012
Adobe Code Signing Certificate used to sign malware, who to blame?

It’s happened again, cyber criminals have stolen digital certificates related to companies recognized reliable to sign malicious code. This time the victim is Adobe and according its security chief, Brad Arkin, a group of hackers have signed malware using Adobe digital certificate obtained compromising a vulnerable build server that was used to get code validation […]

Pierluigi Paganini July 09, 2012
Cyberoam DPI vulnerability scares Tor

Last week, on blog.torproject.org was published the news relative to a security vulnerability found in Cyberoam DPI devices (CVE-2012-3372). All is started when a user in Jordan reported seeing a fake certificate to torproject.org. The certificate was issued by Cyberoam companies and the researchers of the Tor project believed that the CA has been tricked  […]