A security researcher disclosed a serious issue on Instagramâs Android Application which could be exploited by an attacker to impersonate a victim. A security issue related to Instagram Mobile App for Android expose the users’ account to serious risks of data breach. A security researcher discovered that the Instagram Mobile App is affected by a Hijacking vulnerability which could be […]
Security experts at Lacoon discovered a vulnerability in the Gmail iOS app which enables a bad actor to perform a Man-in-the-Middle. Google Gmail application for iOS is exposed to risks of  Man-in-the-Middle (MitM) attacks which allow bad actors to monitor encrypted email communications. An expert at mobile security firm Lacoon has discovered that version of Gmail […]
Security experts at Zimperium firm revealed that LinkedIn users could be potentially vulnerable to Man-in-the-Middle attacks leveraging an SSL stripping. A new research is scaring users of LinkedIn revealing that they could be potentially vulnerable to Man-in-the-Middle (MITM) attacks leveraging an SSL stripping. Despite the US security firm Zimperium reported the problem to LinkedIn more than a […]
Who is abusing of forged SSL certificates in MITM attacks worldwide? A team of researchers implemented a new detection technique to detect the abuses. A team of researchers at Carnegie Mellon University and engineers at Facebook have designed a detection technique for man-in-the-middle attacks over SSL on a large-scale. They analyzed the data extracting useful information, including the […]
Google has announced to have adopted encrypt mechanisms for all Gmail connections to reply to the increasing demand of privacy of Internet users. Google decided to encrypt all Gmail connections to reply to the increasing demand of privacy of Internet users, all the links between its data centers will be encrypted. The surveillance programs disclosed by documents leaked […]
A security consultant disclosed a security flaw in WhatsApp which can be exploited to gain access to the private chats of Android device owners.   The recent acquisition of WhatsApp by Facebook has done much to discuss, ever a price so high was paid for an app, but major concerns relate to users’ privacy. The security consultant Bas Bosschert […]
A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop,  all Debian and Ubuntu Linux distributions and many […]
Researchers at Team Cymru published a detailed report on a large scale SOHO pharming attack that hit more that 300,000 devices worldwide. Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru. The hackers adopted different techniques to exploit the numerous flaws discovered in the last months […]
Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]
Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network  to capture or modify […]