man-in-the-middle Archives - Page 2 of 7

Pierluigi Paganini December 09, 2015

xboxlive digital certificate exposed opens users to MITM attacks

Microsoft has issued an advisory to notify customers that the private keys for an SSL/TLS digital certificate for *xboxlive.com have been disclosed. According to a security advisory published by Microsoft, the company is propagating a new certificate for the *.xboxlive.com domain because it has “inadvertently disclosed” the certificate’s contents. Microsoft confirmed the accidental disclosure of the […]

Pierluigi Paganini December 04, 2015

Kazakhstan – Telco Company Kazakhtelecom will order their costumers to install rogue certificates

The Government of the Kazakhstan makes it mandatory for its citizens to install rogue security certificates to monitor them online. The Government of the Kazakhstan plans to implement a new internet control policy for all the population starting from January 1st 2016, and to accomplish that will order the population to install some rogue security […]

Pierluigi Paganini November 24, 2015

Dell puts users at risk with dangerous eDellRoot root certificate

Dell is in the headlines for shipping PCs with a pre-installed trusted root certificate dubbed eDellRoot that opens users to a number of cyber attacks. Dell is in the headlines for shipping PCs with a pre-installed trusted root certificate that opens users to a number of cyber attacks. Hackers could exploit it to compromise the […]

Pierluigi Paganini November 12, 2015

Snooping Samsung S6 calls with bogus base stations

A duo of security researchers, Daniel Komaromy of San Francisco and Nico Golde of Berlin, demonstrated how to intercept calls using bogus base stations. PacSec Modern Samsung devices, including the last generation Samsung S6, S6 Edge and Note 4, are vulnerable to phone eavesdropping. A duo of experts, Daniel Komaromy of San Francisco and Nico […]

Pierluigi Paganini June 17, 2015

More than 600 million Samsung S devices open to hack

More than 600 million Samsung S devices could be opened to cyber attacks because a flaw in the validation of language pack updates for the SwiftKey keyboard. More than 600 million Samsung smartphones could be opened to cyber attack due to the presence of a security flaw in the validation of the Swiftkey language pack updates. The […]

Pierluigi Paganini June 12, 2015

Law enforcement dismantled gang behind Operation Triangle Phishing Campaign

A joint international operation led to the dismantling of a criminal gang who is behind the Operation Triangle phishing campaign. A joint effort of Law enforcement from six countries, including Italy, Spain, Poland,Belgium, the U.K., and Georgia, allowed the arrest of 49 suspects fraudsters. Twenty individuals were arrested in Italy, 10 in Spain, 18 in […]

Pierluigi Paganini April 14, 2015

Redirect to SMB flaw affects all versions of windows

The Redirect to SMB vulnerability affects all supported versions of Windows and could be exploited to steal users’ credentials for various services. Experts at Cylance have discovered a new credential hijacking vulnerability dubbed Redirect to SMB that affects all versions of Windows OSs, including the upcoming Windows 10. The Redirect to SMB could be exploited by an attacker […]

Pierluigi Paganini April 11, 2015

Great Cannon, the powerful Chinese hacking platform

Researchers uncovered the Great Cannon, a powerful hacking tool, used by the Chinese Government to run MITM attacks, that was used also against GitHub. The researchers from the University of California at Berkeley and the University of Toronto have uncovered a powerful weapon of the Chinese Government cyber arsenal, dubbed the Great Cannon, used to […]

Pierluigi Paganini March 11, 2015

Apple and Microsoft released updates to fix the FREAK flaw

Microsoft and Apple released security updates to fix the FREAK vulnerability recently discovered and affecting their products. FREAK is a major security flaw recently discovered that left users of Apple and Google devices exposed to MITM attack while visiting supposedly secure Websites. At the same time Microsoft issued a specific security advisory to inform its […]

Pierluigi Paganini March 07, 2015

Just $104 to exploit the FREAK flaw and hit the NSA website

Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability A team of researchers demonstrated that it is possible to exploit the FREAK vulnerability to hack the official NSA website by using 8 hours of Amazon’s cloud computing power and spending only $104. The researcher made […]

man-in-the-middle

xboxlive digital certificate exposed opens users to MITM attacks

Kazakhstan – Telco Company Kazakhtelecom will order their costumers to install rogue certificates

Dell puts users at risk with dangerous eDellRoot root certificate

Snooping Samsung S6 calls with bogus base stations

More than 600 million Samsung S devices open to hack

Law enforcement dismantled gang behind Operation Triangle Phishing Campaign

Redirect to SMB flaw affects all versions of windows

Great Cannon, the powerful Chinese hacking platform

Apple and Microsoft released updates to fix the FREAK flaw

Just $104 to exploit the FREAK flaw and hit the NSA website

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

Sophos fixed two critical Sophos Firewall vulnerabilities

French Authorities confirm XSS.is admin arrested in Ukraine

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Cisco confirms active exploitation of ISE and ISE-PIC flaws

QUICK LINKS

man-in-the-middle

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!