Pierluigi Paganini
February 28, 2018
The security researcher Mohamed Baset discovered a vulnerability in Facebook that exposed email and other details of a page administrator. Facebook has recently addressed an information disclosure vulnerability discovered by the security researcher Mohamed Baset that exposed page administrator. According to Baset, the flaw is a “logical error” that he discovered after receiving an invitation […]
Pierluigi Paganini
February 24, 2018
Paypal issue allows for enumeration of the last four digits of payment method and for the disclosure of account balance and recent transactions of any given PayPal account. Introduction This post details an issue which allows for enumeration of the last four digits of payment method (such as a credit or debit card) and for […]
Pierluigi Paganini
February 19, 2018
The Apple expert Mike Bombich discovered an APFS Filesystem vulnerability that could lead macOS losing data under certain conditions. A few days ago a ‘text bomb‘ bug was reported for Apple iOS and macOS apps, the issue can crash any Apple iPhone, iPad Or Mac. Now the Apple expert Mike Bombich discovered an APFS Filesystem vulnerability that could lead macOS […]
Pierluigi Paganini
February 16, 2018
Researchers discovered an Amazon S3 bucket contains personal information and scans of IDs of some 119,000 US and international citizens. It has happened again, researchers discovered another unsecured Amazon S3 bucket holding a huge trove of data that was exposed online. The Amazon S3 bucket contains personal information and scans of IDs of some 119,000 […]
Pierluigi Paganini
February 09, 2018
The source code for Apple iOS iBoot secure bootloader has been leaked to GitHub, now we will try to understand why this component is so important for the iOS architecture. The iBoot is the component loaded in the early stages of the boot sequence and it is tasked with loading the kernel, it is stored in […]
Pierluigi Paganini
February 05, 2018
The image of a memo leaked online suggests US Army and NSA are able to unmask Tor, I2P, VPNs users and they are working to track Monero, US Army and NSA are able to unmask Tor, I2P, VPNs users and they are working to track Monero, this is the truth revealed by a photo alleged leaked […]
Pierluigi Paganini
January 29, 2018
Military worldwide have publicly shared online their exercise routes recorded through the fitness tracker Strava revealing the fitness sessions conducted inside or near military bases We discussed many times privacy risks related to IoT devices, here we are to discuss an alarming case, fitness tracker Strava revealed details of Military Bases. American and allied military worldwide have publicly shared their exercise […]
Pierluigi Paganini
January 23, 2018
According to a researcher from security firm Predeo, three Sonic apps in the Google Play published by SEGA leak users’ data to uncertified servers. According to a researcher from security firm Predeo, some game applications in the Google Play published by SEGA leak users’ data to uncertified servers. The Android apps are Sonic Dash,  Sonic the Hedgehog™ Classic, and Sonic […]
Pierluigi Paganini
January 21, 2018
Security expert Mikail Tunç analyzed Jenkins servers exposed online discovering that many instances leak sensitive information. The researchers clarify that he did not exploit any vulnerabilities to gain access to Jenkins servers, he simply analyzed open ones. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The automation […]
Pierluigi Paganini
January 16, 2018
A Canadian Man supposed to be the admin of the LeakedSource.com website was charged over the leak of 3 billion hacked accounts. The Canadian man Jordan Evan Bloom (27) was charged with data leak of 3 billion hacked accounts, the man was running a website to collect personal data and login credentials from the victims. The man […]
