Pierluigi Paganini
April 16, 2014
SRLabs researchers have published a video POC on YouTube to demonstrate how it is easy to bypass the fingerprint sensor on Samsung Galaxy S5. SRLabs researchers have published a video Proof of Concept on YouTube to demonstrate that they were able to bypass the fingerprint authentication mechanism implemented by Samsung Galaxy S5. The researchers demonstrated to […]
Pierluigi Paganini
March 22, 2014
Security analysts at SenceCy which are monitoring the advancement of a new Zorenium Bot discovered that it is able to infect also iOS devices. Security analysts at SenceCy are monitoring the evolution for the Zorenium Bot, a new and unknown malware which has been advertised in the underground since January 2014. This is the third […]
Pierluigi Paganini
March 20, 2014
For more than two months is is present in the official App Store a fake version of the Tor Browser app. It’s full of adware and spyware. The Tor Browser is the most popular tool for anonymization of the user’s Internet experience, it’s use is literally exploded after the disclosure of numerous documents leaked by […]
Pierluigi Paganini
March 06, 2014
This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]
Pierluigi Paganini
March 05, 2014
A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop, all Debian and Ubuntu Linux distributions and many […]
Pierluigi Paganini
March 04, 2014
Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]
Pierluigi Paganini
February 27, 2014
Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]
Pierluigi Paganini
February 24, 2014
Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network to capture or modify […]
Pierluigi Paganini
February 01, 2014
Cyber Defense Magazine (CDM) CYBER WARNINGS JANUARY 2014 EDITION is available for free. Yes, 2014 is here and we’re surrounded by more and more personally identifiable information (PII) theft, as predicted. Keep an eye on these at http://www.privacyrights.org and find out that we all have common vulnerabilities and exposures (CVEs) which are searchable here at the National Vulnerability Database […]
Pierluigi Paganini
January 29, 2014
A post on cybersecurity written by Larry Karisny, director of ProjectSafety.org,a cybersecurity expert,advisor,consultant, writer and industry speaker. Most of the recent attention on cybersecurity has been directed toward the disclosure of NSA activities and recent corporate breaches now reaching record-breaking levels. Both the public and private sectors are beginning to witness how devastating cyber breaches […]
