Pierluigi Paganini
June 30, 2017
Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing. “The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS […]
Pierluigi Paganini
March 12, 2017
Researchers devised a new attack method that can be leveraged to track mobile devices that rely on MAC address randomization mechanism. The MAC address is a unique and an hardcoded identifier assigned to a device’s network interface. This characteristic makes it an excellent tool for the tracking of the devices. A group of researchers from the U.S. Naval […]
Pierluigi Paganini
February 07, 2017
A study conducted on iOS mobile apps revealed that many of them are affected by security vulnerabilities that expose users to man-in-the-middle (MitM) attacks. A new study confirms that dozens of iOS apps are affected by vulnerabilities that could be exploited by hackers to run man-in-the-middle (MitM) and intercept data from connections even if protected by TLS. […]
Pierluigi Paganini
January 01, 2017
A researcher discovered that a single text message could be exploited to crash the Messages app by MMS on iOS due to a recently discovered bug A single text message could be exploited to disable the Messages app on any iPhone due to a recently discovered bug. The bug flaw makes the Apple Message app inoperable, making it […]
Pierluigi Paganini
September 02, 2016
Apple issued security fixes for Mac OS X and Safari to patch zero-day flaws exploited by Pegasus spyware to spy on mobile users. A few days ago, we reported a detailed analysis of the Trident exploit that triggers three vulnerabilities in order to remotely hack Apple mobile devices through the installation of the Pegasus spyware. The […]
Pierluigi Paganini
August 31, 2016
Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers linked it to the NSO group. Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers say it’s belonging to an exploit infrastructure connected to the NSO […]
Pierluigi Paganini
August 26, 2016
Apple issued emergency iOS updates to patch three Zero-Days exploited by a government spyware in an high-sophisticated attack. Apple has released the iOS 9.3.5 update for its mobile devices (iPhones and iPads). The security updates address three zero-day vulnerabilities exploited by nation-state actors to spy on activists. Security experts have spotted a strain of spyware targeting […]
Pierluigi Paganini
July 20, 2016
This critical flaw CVE-2016-4631 resides in the ImageIO and could be exploited by a remote attacker to steal sensitive information from Apple devices. Apple fans, I have a bad news for you, just one specially-crafted message can expose your personal information, including your authentication credentials stored in the memory of your Apple device. This means […]
Pierluigi Paganini
May 27, 2016
The security expert Chilik Tamir from Mi3 Security has devised a new attack dubbed SandJacking to install rogue apps on iOS devices. The security expert Chilik Tamir from Mi3 Security has devised some new attack methods that can be exploited by threat actors to install malicious apps on non-jailbroken iOS devices. Tamir presented his attack methods at […]
Pierluigi Paganini
April 06, 2016
iPhone 6s and 6s Plus running the latest iOS version are plagued by a vulnerability that can be exploited to bypass the lockscreen. Another flaw plagues the new Apple iPhone 6s and 6s Plus, this time the mobile devices are affected by a Lockscreen Bypass vulnerability that could be exploited by local attackers to access […]
