A security consultant disclosed a security flaw in WhatsApp which can be exploited to gain access to the private chats of Android device owners.   The recent acquisition of WhatsApp by Facebook has done much to discuss, ever a price so high was paid for an app, but major concerns relate to users’ privacy. The security consultant Bas Bosschert […]
Replicant developers Kocialkowski has discovered a backdoor inside Samsung Galaxy which allows file access on the mobile’s storage. Android is the open source operating system most diffused, but being an open project, there are many customized versions that run  on mobile devices. Almost every mobile phone manufacturer commercializes its devices with a version of the Android OS that […]
Sucuri firm detected a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. The security community is threatened by a new botnet composed at least 162,000 WordPress-powered websites abused to run DDoS attacks. The technique of attack allows to flood a target with requests sent by WordPress servers that received a […]
The Egyptian penetration tester Ahmed Elsobky discovered a serious flaw that allows attackers to sniff user’s traffic including access token. Facebook is vulnerable to Man-in-the-Middle Attack, The Egyptian penetration tester Ahmed Elsobky discovered a serious flaw that allows attackers to sniff user’s traffic including private information. “We’d actually received an earlier report from another researcher regarding this […]
A Team of US researchers at UC Berkeley conducted a study on the HTTPS traffic analysis of ten widely used HTTPS-secured Web sites with surprising results. User’s privacy is considered a top priority after Snowden‘ revelations on the US surveillance program, recently a couple of cases have shocked IT security community both related to the […]
A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop,  all Debian and Ubuntu Linux distributions and many […]
Researchers at Team Cymru published a detailed report on a large scale SOHO pharming attack that hit more that 300,000 devices worldwide. Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru. The hackers adopted different techniques to exploit the numerous flaws discovered in the last months […]
Introduction to the article “Car Hacking: You Cannot Have Safety without Security” published by the Infosec Institute. Means, Methods and Countermeasures. Car hacking is a topic increasingly discussed by the media and within the security community, it is crucial to understand the level if security offered by vehicles due the effects of the massive introduction […]
Russia Today media agency has been hacked by unknown attackers just after Putin’s order to move troops to the Crimea was approved by the Parliament. The tension between Russia and Ukraine also has repercussions in the cyberspace where Russia Today, Russian principal news channel website (RT.com) has been hacked and defaced by an unknown group of […]
Vulnerability in Yahoo allowed Egyptian hacker to delete more than 1 million and half records from Yahoo database. Yahoo immediately fixed it. The Egyptian cyber security expert Ibrahim Raafat has discovered a serious flaw  in the Yahoo! website. The hacker demonstrated on his blog how to exploit the “Insecure Direct Object Reference Vulnerability” vulnerability in the Yahoo! sub-domain (suggestions.yahoo.com) to delete all […]