Pierluigi Paganini December 30, 2019
UAE government denies using ToTok for mass surveillance

The United Arab Emirates denied reports that the popular mobile app ToTok was used as part of a government massive surveillance program. According to a report recently published by the New York Times, the popular app ToTok was used by the UAE government as a surveillance tool. It has been removed from both Apple and […]

Pierluigi Paganini February 03, 2015
Serious security issues in iOS Outlook app Microsoft to access user emails and credentials

A researcher has discovered a series of security issues in the newborn iOS Outlook app that allows Microsoft to access user emails and credentials. Security researcher and Head of Development at midpoints GmbH and IBM Champion RenĂ© Winkelmeyer has published a blog post to warn about security issues in the newborn iOS Outlook app. According to […]

Pierluigi Paganini November 18, 2014
The latest Windows Phone 8.1 has been hacked

Operators of the XDA-developers forum explained how it is possible to hack Windows Phone 8.1 to run any app package in any Program directory. XDA-developers have discovered a new vulnerability in latest Microsoft OS Windows Phone 8.1 that could easily be exploited by attackers to compromise a Nokia Lumia phone running it. The XDA Developers member […]

Pierluigi Paganini October 09, 2014
DREBIN Android app detects 94 percent of mobile malware

A team of German researchers developed an innovative Android app dubbed DREBIN capable of detecting 94 percent of mobile malware. A team of German researchers composed by Daniel Arp, Konrad Rieck, Malte Hubner, Michael Spreitzenbarth of Siemens computer emergency response team and Hugo Gascon of the University of Gottingen have developed an Android app capable […]

Pierluigi Paganini August 22, 2014
Hacking Gmail mobile app with 92 percent success and many other applications

Researchers have developed a malware which exploits “a newly discovered public side channel” which allows the access to the shared memory statistics of an app’s process. Researchers have developed a proof-of-concept malware running on an Android OS that can silently syphon sensitive data from mobile apps on Android, iOS and Windows Phone with up to a 92% success rate. […]

Pierluigi Paganini July 28, 2014
Instagram Adroid App affected by account session Hijacking flaw

A security researcher disclosed a serious issue on Instagram’s Android Application which could be exploited by an attacker to impersonate a victim. A security issue related to Instagram Mobile App for Android expose the users’ account to serious risks of data breach. A security researcher discovered that the Instagram Mobile App is affected by a Hijacking vulnerability which could be […]

Pierluigi Paganini May 21, 2014
Outlook Android App stores emails in plain text on mobile

Researchers at Include Security discovered that the Android App leaves user email messages unprotected by default on the mobile SD cards. A Microsoft Outlook client app for the Android platform lacks of encryption for the storage of email messages on the device’s SD cards. The unique protection mechanism implemented for the Outlook app is a […]

Pierluigi Paganini December 09, 2013
Linkedin iOS app V 6_1_2 HTML message parsing vulnerability

LinkedIn iOS app parses HTML in the messages, and this can be used to phish for credentials or be escalated into a full blown attack. Senior CyberSecurity Specialist Zouheir Abdallah @ZuZ  (Twitter handle), has publicly and responsibly disclosed a vulnerability in LinkedIn’s mobile app. Zouheir is known for reporting a serious vulnerability in DropBox’s 2 Factor […]

Pierluigi Paganini March 12, 2013
Researcher demonstrated serious flaw in Apple App Store

Once again the security of large scale application and platform is challenged, today is the turn of Apple, in particular of its famous Apple store that according the Researchers Elie Bursztein  was vulnerable for more than half year. The developer supported Apple to discovery and fix an important vulnerability that allowed to steal passwords and […]