Experts at Trustwave analyzed point-of-sale malware providing data related principal code used, exfiltration and persistence techniques implemented. Trustwave firm as published an interesting report on the point-of-sale malware based on its investigation on different breaches involving payment card data. The experts at Trustwave have examined a large amount of malware that targets point-of-sale devices, this family of malicious code is […]
The CERT has published the results of its test conducted on popular Android applications that fail to properly validate SSL certificates. In several posts we have discussed about the improper validation of  SSL certificates made by mobile devices, recently we mentioned the case of the Gmail app for iOS devices which, according to an expert at mobile security […]
The Chinese Government is running a MITM attack on SSL encrypted traffic between Chinese China Education and Research Network and Google. Google website, like many other web services, is blocked by the Chinese Government, which operate a rugged censorship on the Internet content. But block a resource like Google is anachronistic and counterproductive, for this reason, China allows […]
Apple CEO Tim Cook announced that the company will improve the security of its solutions, including iCloud, starting from extension of 2FA mechanisms. The recent disclosure of hundreds celebrity pictures has raised the discussion on the level of security offered by the Apple iCloud stored service. To improve the security offered by the iCloud service, Appleâs CEO Tim Cook […]
The Digital Citizen’s Alliance provided an updating to the study which analyzes online black markets, focusing on the sales of illegal drugs. The cybercrime ecosystem has no limit, it is a prolific industry that evolves with time and is always full of new players as reported in a recent report published by the Digital Citizen’s Alliance. The […]
Experts at Kaspersky spotted an interesting attack from Brazilian criminals that try to change the DNS settings of home routers by using a web-based attack. Experts at Kaspersky Lab have uncovered a hacking campaign conducted by Brazilian threat actors which is targeting home routers by using a web-based attack. The hackers are adopting different techniques, […]
CryptoPhone 500 security firm has found 17 bogus cellphone towers in the US with a heavily customized handset exploited for surveillance activities. Seventeen mysterious cellphone towers have been discovered in the USA, they are identical to legitimate towers, the unique difference is related a heavily customized handset built for Android security. According to the Popular Science, […]
The APWG Report Q2 2014 states that phishing activities continue to increase, phishers are targeting Crypto Currency, Payment Services and Retail Sites. The APWG has published its new report related to phishing activities in the period April – June 2014, the document titled “Phishing Activity Trends Report, 2nd Quarter 2014” states that online payment services […]
Dominique Bongard has presented an improvement to previous attack on WPS which allows to discover the PIN in just one second with offiline calculations. The researcher Dominique Bongard has presented an improvement for the attack on wireless routers with poorly implemented versions of the WPS (Wi-Fi Protected Setup). The WPS is a popular network security standard that allows […]
Mozilla Security Team announced a new accidental disclosure of email addresses and encrypted passwords of about 97,000 Bugzilla users. On Wednesday, officials at Bugzilla, the bug-tracking system managed by Mozilla, confirmed that email addresses and encrypted passwords belonging to 97,000 of their users had been disclosed. Bugzilla is a bug-tracking software system widely used by […]