Pierluigi Paganini
September 23, 2016
Google announced a change to its security policy to increase the account security that includes the OAuth 2.0 token revocation upon password reset. Google has finally announced a new OAuth 2.0 token revocation according to its security policy, the company will roll out the change starting on Oct. 5. The change to the Google security policy […]
Pierluigi Paganini
September 14, 2016
The security expert Issam Rabhi (@issam_rabhi) has discovered a cross-site scripting vulnerability in Google France. The giant already fixed it. A security expert from French security outfit Sysdream, Issam Rabhi (@issam_rabhi), discovered a cross-site scripting vulnerability in Google France. Yes, you‘ve got it right, the website of the IT giant was affected by one of the […]
Pierluigi Paganini
September 09, 2016
From January 2017, Chrome will indicate connection security with an icon in the address bar labeling HTTP connections to sites as non-secure. Google continues its effort to make the web a better place by pushing the adoption of encryption, we left the IT giant in May when it announced the decision to switch on default HTTPS […]
Pierluigi Paganini
September 07, 2016
The CVE-2016-3862 flaw is a remote code execution vulnerability that affects the way images used by certain Android apps parsed the Exif data. Are you an Android user? I have a bad news for you, an apparently harmless image on social media or messaging app could compromise your mobile device. The last security updates issued by […]
Pierluigi Paganini
August 08, 2016
Google has launched a new Google API working together with Dashlane, to stop using passwords for Android users and improving the user experience. It is true that Android security apps work wonder and also Google has been trying to use fewer passwords or none whatsoever, making it harder for someone to penetrate the privacy of its users. […]
Pierluigi Paganini
July 19, 2016
A newly strain of ransomware dubbed cuteRansomware leverages on a Google Doc to host the decryption key and command-and-control features. A recently discovered strain of ransomware, dubbed cuteRansomware, shows that your enterprise isn’t the only one thinking about cloud transition. Modern day hackers are loving the Cloud too. The cuteRansomware was discovered by Netskope security firm which observes an increase […]
Pierluigi Paganini
July 19, 2016
A security expert revealed a number of flaws in the big player’s two-factor authentication methods that could allow crooks to steal money. Social media bug bounty hunter, Arne Swinnen, has revealed a number of flaws in the big player’s 2 factor authentication (2FA) methods that could enable a malicious user to illicit large sums of […]
Pierluigi Paganini
June 29, 2016
Symantec has fixed dozens of critical vulnerabilities affecting its solutions that can be exploited by remote attackers for arbitrary code execution. The popular Google Project Zero hacker Tavis Ormandy last month reported a number of critical security issues in Symantec solutions, and this is the good news. The bad news is that Symantec promptly fixed one […]
Pierluigi Paganini
June 28, 2016
A Google Widevine DRM flaw in the Chrome browser can be exploited to easily download videos streamed from websites such as Amazon Prime Video and Netflix. The flaw was discovered by researchers from the Ben-Gurion University of the Negev in Israel and the Telekom Innovation Laboratories in Germany. According to the experts, the issue exists […]
Pierluigi Paganini
June 09, 2016
A security expert discovered that a crafted PDF document that includes an embedded JPG2000 image can trigger a buffer overflow in the Chrome PDF reader. The security expert Aleksandar Nikolic from the Cisco Talos group has discovered an arbitrary code execution vulnerability (CVE-2016-1681) in PDFium, which is the PDF reader component installed by default in Google Chrome […]
