privacy

Pierluigi Paganini January 03, 2014
Snapchat hack is reality, 4.6M usernames and Numbers exposed

Snapchat hack is reality, 4.6 million usernames and numbers exposed and publicly available on a specifically created domain SnapchatDB.info. Recently I posted an article on a couple of serious flaws in the popular photo messaging application Snapchat, Gibson Security revealed that using a couple of exploits known by the name The ‘Find Friends’ exploit and the ‘Bulk […]

Pierluigi Paganini January 02, 2014
DROPOUTJEEP – How NSA completely controls your iPhone

Leaked documents shared by Der Spiegel show how NSA spyware codenamed DROPOUTJEEP can spy on every Apple iPhone. Apple denies any claim. Users buy the iPhone, NSA controls them. This is not a slogan for the last Apple advertising, it is the uncomfortable truth revealed by another set of NSA documents leaked by Snowden and […]

Pierluigi Paganini December 28, 2013
Snapchat users menaced by a couple of malicious exploits

Gibson Security revealed that The ‘Find Friends’ exploit and the ‘Bulk Registration’ Exploit menace the security and privacy of million of Snapchat users. Gibson Security has recently published the details of a couple of SnapChat vulnerabilities which could be exploited by hackers respectively to massively disclose users and associated phone numbers, and enable the creation fake accounts. […]

Pierluigi Paganini December 23, 2013
Apple iOS 7 Untethered Jailbreak is available

The evad3rs team has released the untethered jailbreak for different Apple devices running running iOS version from 7.0 to 7.0.4. The evad3rs team has released the untethered jailbreak for numerous Apple devices running running iOS version from 7.0 to 7.0.4 including iPhone (4/5/5S/5C), iPad, and iPod. Device jailbreak allows removal of the limitations designed by manufacturer, the procedure […]

Pierluigi Paganini December 15, 2013
Safari browser stores in plaintext previous secure session data

Researchers at Kaspersky Lab discovered Apple Safari browser stores previous secure session data unencrypted in a hidden folder. Apple’s Safari browser stores session information including authentication credentials used in previous HTTPS sessions to implement the feature “Reopen All Windows from Last Session”. Safari stores in a plain text XML file called  Property list, or plist, […]

Pierluigi Paganini December 10, 2013
NSA and GCHQ infiltrated virtual online gaming communities

The Guardian published documents that reveal NSA and GCHQ infiltrate gaming platforms and communities including World of Warcraft and Second Life NSA and British  GCHQ are working to infiltrate the virtual world of online games considered as an attractive environment for cyber terrorists and hackers, this is the last chapter of the Snowden‘s Saga. The Guardian […]

Pierluigi Paganini December 09, 2013
Linkedin iOS app V 6_1_2 HTML message parsing vulnerability

LinkedIn iOS app parses HTML in the messages, and this can be used to phish for credentials or be escalated into a full blown attack. Senior CyberSecurity Specialist Zouheir Abdallah @ZuZ  (Twitter handle), has publicly and responsibly disclosed a vulnerability in LinkedIn’s mobile app. Zouheir is known for reporting a serious vulnerability in DropBox’s 2 Factor […]

Pierluigi Paganini December 08, 2013
French Government ANSSI responsible of a MITM against Google SSL-TLS

Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that late on December 3rd it became aware of unauthorized digital certificates for several Google domains and immediately has started the investigation. Security experts at Google found that the digital certificates […]

Pierluigi Paganini December 07, 2013
Android game allows WhatsApp conversations snooping

Google has recently removed from the official Play store the ” Balloon Pop 2″ Android game that allows WhatsApp conversations snooping. Every day numerous friends ask me if it is possible to steal WhatsApp chat messages and how, of course a malware represents an excellent solution to the request. In the past I already posted […]

Pierluigi Paganini November 01, 2013
I don’t like – Facebook Clickjacking and track screen cursors

A misleading script to increase the number of “I like” and an invasive technology to track screen cursors are threatening the Facebook users. The social media are money machines, the interest of private companies, governments and cybercrime are increasing exponentially. Security experts are observing an alarming trend, a growing number of subjects are spending a […]