Apple

Pierluigi Paganini February 24, 2014
Apple restores certificate validation checks mysteriously missed

Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw in certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network to capture or modify […]

Pierluigi Paganini February 01, 2014
CDM Jan 2014 is out for free – Welcome 2014: The Year of Mobile Spying and Privacy Concerns

Cyber Defense Magazine (CDM) CYBER WARNINGS JANUARY 2014 EDITION is available for free. Yes, 2014 is here and we’re surrounded by more and more personally identifiable information (PII) theft, as predicted. Keep an eye on these at http://www.privacyrights.org and find out that we all have common vulnerabilities and exposures (CVEs) which are searchable here at the National Vulnerability Database […]

Pierluigi Paganini January 29, 2014
Time for a Cybersecurity Overhaul

A post on cybersecurity written by Larry Karisny, director of ProjectSafety.org, a cybersecurity expert, advisor, consultant, writer and industry speaker. Most of the recent attention on cybersecurity has been directed toward the disclosure of NSA activities and recent corporate breaches now reaching record-breaking levels. Both the public and private sectors are beginning to witness how devastating cyber breaches […]

Pierluigi Paganini January 12, 2014
Flashback botnet is still active, Mac users are warned

The Intego Malware Research Team discovered that the OSX Flashback trojan is still active with sinkholing activity. Mac users must be aware. The Flashback Trojan is a cyber threat known since 2011; it is a trojan horse that targeted a Java vulnerability on Mac OS X machines, and in early 2012 it spread to infect up to 600,000 machines as […]

Pierluigi Paganini January 02, 2014
DROPOUTJEEP – How NSA completely controls your iPhone

Leaked documents shared by Der Spiegel show how NSA spyware codenamed DROPOUTJEEP can spy on every Apple iPhone. Apple denies any claim. Users buy the iPhone, NSA controls them. This is not a slogan for the latest Apple advertising, it is the uncomfortable truth revealed by another set of NSA documents leaked by Snowden and […]

Pierluigi Paganini December 23, 2013
Apple iOS 7 Untethered Jailbreak is available

The evad3rs team has released the untethered jailbreak for different Apple devices running iOS versions from 7.0 to 7.0.4. The evad3rs team has released the untethered jailbreak for numerous Apple devices running iOS versions from 7.0 to 7.0.4, including iPhone (4/5/5S/5C), iPad, and iPod. A device jailbreak allows removal of the limitations designed by the manufacturer, the procedure […]

Pierluigi Paganini December 15, 2013
Safari browser stores in plaintext previous secure session data

Researchers at Kaspersky Lab discovered that Apple’s Safari browser stores previous secure session data unencrypted in a hidden folder. Apple’s Safari browser stores session information, including authentication credentials used in previous HTTPS sessions, to implement the feature “Reopen All Windows from Last Session”. Safari stores in a plain text XML file called Property list, or plist, […]

Pierluigi Paganini December 08, 2013
Zero-day vulnerability exploits, too precious commodities

NSS Labs issued the report titled “The Known Unknowns” to explain the dynamics behind the market for zero-day exploits. Last week I discussed the necessity to define a model for “cyber conflict” to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided […]

Pierluigi Paganini October 30, 2013
Wi-Fi HTTP Request Hijacking attack against iOS users

Wi-Fi HTTP Request Hijacking attack against iOS – the researchers at Skycure have demonstrated a new technique that menaces mobile users. I’m not surprised by the trust Internet users give to public Wi-Fi networks that are notoriously insecure; bad habits on open networks could expose our identity to serious risks, above all identity theft. […]

Pierluigi Paganini October 19, 2013
Apple iMessage vulnerable to MITM attack

Quarkslab researcher Cyril Cattiaux has revealed Apple lied when it claimed it could not intercept iMessages sent by its users. Quarkslab researcher Cyril Cattiaux revealed that it is possible to break the encryption implemented in Apple’s iMessage application due to the presence of a weakness in the key management process. The announcement was made during the Hack in the Box conference […]