• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Hackers deploy fake SonicWall VPN App to steal corporate credentials

 | 

Mainline Health Systems data breach impacted over 100,000 individuals

 | 

Disrupting the operations of cryptocurrency mining botnets

 | 

Prometei botnet activity has surged since March 2025

 | 

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

 | 

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Iran confirmed it shut down internet to protect the country against cyberattacks

 | 

Godfather Android trojan uses virtualization to hijack banking and crypto apps

 | 

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

 | 

Linux flaws chain allows Root access across major distributions

 | 

A ransomware attack pushed the German napkin firm Fasana into insolvency

 | 

Researchers discovered the largest data breach ever, exposing 16 billion login credentials

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me

MITM

Pierluigi Paganini February 24, 2014
Apple restores certificate validation checks mysteriously missed

Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network  to capture or modify […]

Pierluigi Paganini February 22, 2014
WhatsApp lack enforcing certificate pinning, users exposed to MITM

Experts at Praetorian have been conducting the Project Neptune to assess the security for designing and maintenance of mobile apps, including WhatsApp. This week the IT was shocked by the acquisition of WhatsApp by Facebook, the popular mobile messaging service was sold for $19 billion, probably this is the value assigned to the information managed by […]

Pierluigi Paganini February 14, 2014
Cybercriminals target mobile applications with fake SSL Certificates

Cybercriminals targeting mobile applications with fake SSL Certificates to run man-in-the-middle attacks against the affected companies and their customers. There is the wrong conviction that SSL certification user can protect users from be tricked to visit a fake website. Netcraft has uncovered numerous attacks based on fake SSL certificates used to impersonate online banking websites, ecommerce , ISPs and […]

Pierluigi Paganini February 10, 2014
CERT POLSKA detected large-scale DNS hacking on home routers

Attackers changed the DNS configuration of vulnerable home routers to conduct man-in-the-middle attacks on a large scale against Polish online banking users. The Polish Computer Emergency Response Team has documented a series of cyber attacks observed in Poland involved cybercriminals hacking into home routers and changing their DNS settings so they can conduct MITM attacks on […]

Pierluigi Paganini December 08, 2013
French Government ANSSI responsible of a MITM against Google SSL-TLS

Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that late on December 3rd it became aware of unauthorized digital certificates for several Google domains and immediately has started the investigation. Security experts at Google found that the digital certificates […]

Pierluigi Paganini October 19, 2013
Apple iMessage vulnerable to MITM attack

Quarkslab researchers Cyril Cattiaux has revealed Apple lied when it claimed it could not intercept iMessages sent by its users. Quarkslab researchers Cyril Cattiaux revealed that it is possible to break encryption implemented in Apple’s iMessage application due the presence of a weakness in the key management process. The announcement was made during  the Hack in the Box conference […]

Pierluigi Paganini June 15, 2013
Iranian Gmail accounts targeted by state-sponsored attack

Google revealed that tens of thousands of Gmail accounts belonging to Iranian users have been targeted by state-sponsored attacks. The Google company announced that tens of thousands of Gmail accounts of Iranian users have been targeted hacked. The attacks seem to be organized by a group of state sponsored hackers few days before presidential elections. The […]

Pierluigi Paganini March 23, 2013
T-Mobile MITM, a starting point to discuss mobile security

Many times we discussed about large diffusion of mobile devices and of related cyber threats, around a months ago I presented the case of HTC mobile that revealed 18 million devices commercialized by Taiwanese company had security flaws that could exposes users to serious risks, in particular the bugs could allow the theft of information […]

Pierluigi Paganini September 24, 2012
To be or not to be… This is Authentication

Article published on The Malta Indipendent Ron Kelson, Pierluigi Paganini, Fabian Martin, David Pace, Benjamin Gittins We use the Internet on a daily basis to access numerous services available on the web, most of which require a process of identification and validation of a user’s identity, a process commonly defined as Authentication. As Wikipedia states, the […]

Pierluigi Paganini February 16, 2012
Banking sector under attack, are we ready to the challenge?

Where can I find money? At the bank of course, this is the thought which underlies dell’orietamento of cyber crime that seems to have targeted the banking industry and its services. The event is not new but the intensification of efforts in this area is troubling . The banking sector is considered a strategic sector […]

  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • 8

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Hackers deploy fake SonicWall VPN App to steal corporate credentials

    Hacking / June 25, 2025

    Mainline Health Systems data breach impacted over 100,000 individuals

    Data Breach / June 25, 2025

    Disrupting the operations of cryptocurrency mining botnets

    Malware / June 25, 2025

    Prometei botnet activity has surged since March 2025

    Cyber Crime / June 25, 2025

    The U.S. House banned WhatsApp on government devices due to security concerns

    Mobile / June 24, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT