Pierluigi Paganini October 21, 2014
Hiding a malicious Android APK in images as evasion method

Two researchers at Fortinet have demonstrated during the last Black Hat Europe conference how to hide a malicious Android APK in images. Mobile devices are continuously under attacks, cyber criminals are improving their technique to attack mobile users and increase the profits.  A new technique recently disclosed, allows attackers to hide encrypted malicious Android applications inside […]

Pierluigi Paganini October 15, 2014
Millions Android Cyanogenmod users exposed to MitM attacks due to Code re-use

Researcher explains that vulnerable code re-use of zero-day in Android’s CyanogenMod exposes million users to Man-In-The-Middle attacks. Security experts always discourage jailbreaking and rooting of mobile devices due to the risk related to the installation of not authorized applications that could hide malware and serious bugs. At the Ruxcon Security Conference in Australia, an unnamed security […]

Pierluigi Paganini October 11, 2014
The Snappening, hundreds of thousands pictures leaked

The Snappening, hundreds of thousands of unaware users have had their personal Snapchat photos and videos public disclosed by hackers. The Fappening is considered my mass media one of most interesting case of privacy violation, four archives containing a numerous celebrities nude photos have been released in the last weeks … and many experts sustain that the […]

Pierluigi Paganini October 11, 2014
Authentication vulnerability in PayPal mobile API allows access to restricted Accounts

An Authentication vulnerability in PayPal mobile API, discovered more than one year ago, allows access to restricted Accounts. Another authentication flaw affects PayPal mobile API, an attacker exploiting it could gain access to Blocked Accounts. The authentication restriction bypass vulnerability, resides in the mobile API authentication procedure of the PayPal online-service, according to Vulnerability Laboratory […]

Pierluigi Paganini October 09, 2014
DREBIN Android app detects 94 percent of mobile malware

A team of German researchers developed an innovative Android app dubbed DREBIN capable of detecting 94 percent of mobile malware. A team of German researchers composed by Daniel Arp, Konrad Rieck, Malte Hubner, Michael Spreitzenbarth of Siemens computer emergency response team and Hugo Gascon of the University of Gottingen have developed an Android app capable […]

Pierluigi Paganini October 08, 2014
P2P payment feature hidden in Facebook Messenger

The student Andrew Aude discovered a still unreleased feature for payments of Facebook Messenger by using the iOS and Mac OS X hacking tool Cycript. Facebook is preparing to enter the world of mobile payments according to a recent report published by Techcrunch. The student at Stanford, Andrew Aude discovered a still unreleased feature of Facebook Messenger by […]

Pierluigi Paganini October 01, 2014
Flawed iOS 8’s Reset All Settings Option erases iCloud Docs

The MacRumors forum reported a serious flaw in iOS 8’s ‘Reset All Settings’ Option which causes the deletion of iCloud Drive documents. The Fappening case has raised the question about the level of security offered by iCloud and other cloud storage services. Apple was criticized for the way its security experts managed the flaw in iCloud file […]

Pierluigi Paganini September 27, 2014
FBI concerned about encryption by default for Smartphones

FBI Director James Comey said that he was “very concerned” about decision on Apple and Google to implement data encryption by default on their Smartphones. The FBI is concerned about the improvements made by Apple and Google for their solutions to defend the security and privacy of the users. The companies have implemented encryption by default on […]

Pierluigi Paganini September 24, 2014
The iPhone 6 Touch ID fingerprint reader is still vulnerable to hack

Security expert Marc Rogers, chief security researcher at Lookout Mobile Security, revealed that Apple’s Touch ID is still vulnerable to hack on iphone 6. A few days ago we discussed about the availability on the Internet of the exploit for iOS 7.x based devices, due to the diffusion of Apple Smartphones and tablets the security […]

Pierluigi Paganini September 23, 2014
iOS 7_1 exploit for CVE-2014-4377 critical flaw publicly available

Users which haven’t upgraded their systems to the Apple iOS 8 could be victims of a new iOS 7.1 exploit targeting the CVE-2014-4377 vulnerability. Security experts at Binamuse firm have discovered the availability online of the exploit kit which targets the vulnerability coded CVE-2014-4377, a memory corruption issue in iOS’s core graphics library. The exploitation of CVE-2014-4377 could […]